Tcpdump
This hub aggregates every CVE we track for Tcpdump, a product in the OSS libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 196
- Critical: 134
- High: 34
- In CISA KEV: 0
Severity distribution
- Critical: 134
- High: 34
- Medium: 26
- Low: 2
Monthly trend
[Chart: monthly trend, 2024-07 to 2026-06]
Latest CVEs
The 15 most recently published vulnerabilities affecting Tcpdump.
- CVE-2024-2397: infinite loop in the PPP printer of tcpdump (score: 6.2)
- CVE-2023-1801: The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. (score: 6.5)
- CVE-2019-15167: The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. (score: 9.1)
- CVE-2021-41043: Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. (score: 5.5)
- CVE-2020-8036: str2tokbuf used incorrectly by print-someip.c (score: 7.5)
- CVE-2020-8037: ppp decapsulator can be convinced to allocate a large amount of memory (score: 7.5)
- CVE-2019-15166: lmp_print in tcpdump lacks certain boundary checks (score: 1.6)
- CVE-2018-16452: The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. (score: 7.5)
- CVE-2018-16451: The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. (score: 7.5)
- CVE-2018-16301: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesy... (score: 7.8)
- CVE-2018-16300: The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (score: 7.5)
- CVE-2018-16230: The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (score: 7.5)
- CVE-2018-16229: The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). (score: 7.5)
- CVE-2018-16228: The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). (score: 7.5)
- CVE-2018-16227: The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (score: 7.5)
Product normalization is registry-driven with AI assist and human review.