Tcpdump CVEs and Security Vulnerabilities

Filtered by vendor Tcpdump Subscriptions

Filtered by product Tcpdump Subscriptions

Search

Switch to Advanced Search (Beta)

Total 172 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-14461	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	7.5 High
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
CVE-2018-16452	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-12-03	7.5 High
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
CVE-2018-16451	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
CVE-2018-16300	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-12-03	7.5 High
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
CVE-2018-16230	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
CVE-2018-16228	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
CVE-2019-15167	1 Tcpdump	1 Tcpdump	2025-12-03	9.1 Critical
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.
CVE-2019-15166	8 Apple, Canonical, Debian and 5 more	10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more	2025-12-03	1.6 Low
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2017-12900	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
CVE-2017-11108	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVE-2016-7937	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
CVE-2017-12989	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
CVE-2016-7993	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2017-12988	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
CVE-2016-7932	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
CVE-2017-12999	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
CVE-2016-7992	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7986	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2017-12987	3 Debian, Redhat, Tcpdump	6 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 3 more	2025-04-20	9.8 Critical
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVE-2016-7984	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().

« first previous Page 4 of 9. next last »