Tcpdump CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (183 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-14461	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	7.5 High
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
CVE-2018-16452	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-12-03	7.5 High
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
CVE-2018-16451	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
CVE-2018-16300	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-12-03	7.5 High
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
CVE-2018-16230	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
CVE-2018-16228	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
CVE-2019-15166	8 Apple, Canonical, Debian and 5 more	10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more	2025-12-03	1.6 Low
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2017-12989	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
CVE-2017-12988	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
CVE-2016-7923	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
CVE-2017-12900	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
CVE-2016-7922	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
CVE-2017-11542	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-11541	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11108	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVE-2017-11543	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
CVE-2017-5483	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2016-8574	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-7993	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2017-13009	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().

« first previous Page 4 of 10. next last »