Skip to main content

Tcpdump

147 CVEs product

Monthly

CVE-2017-12896 CRITICAL PATCH Act Now

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump Debian Linux Enterprise Linux Desktop +2
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2017-12895 CRITICAL PATCH Act Now

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2017-12894 CRITICAL PATCH Act Now

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2017-12893 CRITICAL PATCH Act Now

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-11543 CRITICAL POC THREAT Emergency

tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.5%.

Buffer Overflow Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
10.5%
CVE-2017-11542 CRITICAL POC Act Now

tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
1.0%
CVE-2017-11541 CRITICAL POC Act Now

tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
CVSS 3.0
9.8
EPSS
1.0%
CVE-2017-11108 HIGH This Week

tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Tcpdump
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-5486 CRITICAL Act Now

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-5485 CRITICAL Act Now

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-5484 CRITICAL Act Now

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
2.3%
CVE-2017-5483 CRITICAL Act Now

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-5482 CRITICAL Act Now

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
1.0%
CVE-2017-5342 CRITICAL Act Now

In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
4.4%
CVE-2017-5341 CRITICAL Act Now

The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
4.4%
CVE-2017-5205 CRITICAL Act Now

The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux Enterprise Linux Desktop Enterprise Linux Server +4
NVD VulDB
CVSS 3.0
9.8
EPSS
1.1%
CVE-2017-5204 CRITICAL Act Now

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux Enterprise Linux Desktop Enterprise Linux Server +4
NVD VulDB
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-5203 CRITICAL Act Now

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux Enterprise Linux Desktop Enterprise Linux Server +4
NVD VulDB
CVSS 3.0
9.8
EPSS
1.1%
CVE-2017-5202 CRITICAL Act Now

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux Enterprise Linux Desktop Enterprise Linux Server +4
NVD VulDB
CVSS 3.0
9.8
EPSS
1.1%
CVE-2016-8575 CRITICAL Act Now

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
1.0%
CVE-2016-8574 CRITICAL Act Now

The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7993 CRITICAL Act Now

A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7992 CRITICAL Act Now

The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7986 CRITICAL Act Now

The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7985 CRITICAL Act Now

The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7984 CRITICAL Act Now

The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7983 CRITICAL Act Now

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.7%
CVE-2016-7975 CRITICAL Act Now

The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7974 CRITICAL Act Now

The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7973 CRITICAL Act Now

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7940 CRITICAL Act Now

The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7939 CRITICAL Act Now

The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7938 CRITICAL Act Now

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.7%
CVE-2016-7937 CRITICAL Act Now

The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7936 CRITICAL Act Now

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7935 CRITICAL Act Now

The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7934 CRITICAL Act Now

The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7933 CRITICAL Act Now

The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7932 CRITICAL Act Now

The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7931 CRITICAL Act Now

The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7930 CRITICAL Act Now

The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7929 CRITICAL Act Now

The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Juniper Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7928 CRITICAL Act Now

The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7927 CRITICAL Act Now

The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7926 CRITICAL Act Now

The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7925 CRITICAL Act Now

The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7924 CRITICAL Act Now

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7923 CRITICAL Act Now

The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-7922 CRITICAL Act Now

The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
CVSS 3.0
9.8
EPSS
0.9%
CVE-2015-2155 HIGH PATCH This Week

The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Debian Linux Fedora Opensuse +2
NVD
CVSS 2.0
7.5
EPSS
4.5%
CVE-2015-2154 MEDIUM This Month

The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Tcpdump
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2015-2153 MEDIUM POC THREAT This Month

The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%.

Denial Of Service Buffer Overflow Tcpdump
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
11.3%
CVE-2015-0261 HIGH This Week

Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Tcpdump
NVD
CVSS 2.0
7.5
EPSS
1.4%
CVE-2014-9140 MEDIUM POC PATCH This Month

Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Tcpdump
NVD GitHub
CVSS 2.0
5.0
EPSS
5.5%
CVE-2014-8769 MEDIUM POC This Month

tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Tcpdump
NVD
CVSS 2.0
6.4
EPSS
3.1%
CVE-2014-8768 MEDIUM POC THREAT This Month

Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.3%.

Integer Overflow Denial Of Service Opensuse Ubuntu Linux Solaris +1
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
28.3%
CVE-2014-8767 MEDIUM POC This Month

Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Tcpdump
NVD
CVSS 2.0
5.0
EPSS
6.5%
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump +4
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
EPSS 10% CVSS 9.8
CRITICAL POC THREAT Emergency

tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.5%.

Buffer Overflow Tcpdump
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Tcpdump
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 2% CVSS 9.8
CRITICAL Act Now

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 4% CVSS 9.8
CRITICAL Act Now

In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 4% CVSS 9.8
CRITICAL Act Now

The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux +6
NVD VulDB
EPSS 2% CVSS 9.8
CRITICAL Act Now

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux +6
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux +6
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump Debian Linux +6
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Juniper Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tcpdump
NVD VulDB
EPSS 5% CVSS 7.5
HIGH PATCH This Week

The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Debian Linux +4
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Tcpdump
NVD
EPSS 11% CVSS 5.0
MEDIUM POC THREAT This Month

The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%.

Denial Of Service Buffer Overflow Tcpdump
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH This Week

Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +1
NVD
EPSS 6% CVSS 5.0
MEDIUM POC PATCH This Month

Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Tcpdump
NVD GitHub
EPSS 3% CVSS 6.4
MEDIUM POC This Month

tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Tcpdump
NVD
EPSS 28% CVSS 5.0
MEDIUM POC THREAT This Month

Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 28.3%.

Integer Overflow Denial Of Service Opensuse +3
NVD Exploit-DB
EPSS 7% CVSS 5.0
MEDIUM POC This Month

Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Tcpdump
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy