Tcpdump CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (172 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-16452	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-12-03	7.5 High
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
CVE-2018-16451	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
CVE-2018-16300	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-12-03	7.5 High
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
CVE-2018-16230	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
CVE-2018-16228	6 Apple, Debian, Fedoraproject and 3 more	6 Mac Os X, Debian Linux, Fedora and 3 more	2025-12-03	9.8 Critical
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
CVE-2019-15167	1 Tcpdump	1 Tcpdump	2025-12-03	9.1 Critical
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.
CVE-2019-15166	8 Apple, Canonical, Debian and 5 more	10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more	2025-12-03	1.6 Low
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2017-13012	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2017-12999	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
CVE-2016-7992	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2017-13033	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13052	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
CVE-2016-7930	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
CVE-2017-11542	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-13029	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
CVE-2017-11541	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2016-7984	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
CVE-2016-7986	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2016-7985	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
CVE-2016-7974	2 Redhat, Tcpdump	2 Enterprise Linux, Tcpdump	2025-04-20	N/A
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.

« first previous Page 4 of 9. next last »