Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to...
6.2CVSS
7.2AI Score
0.0004EPSS
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network...
6.5CVSS
6.5AI Score
0.002EPSS
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than...
9.1CVSS
8.5AI Score
0.002EPSS
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe...
7.5CVSS
7.6AI Score
0.001EPSS
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of...
7.5CVSS
7.2AI Score
0.007EPSS
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds...
7.5CVSS
8.4AI Score
0.005EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than...
7.5CVSS
8.6AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()...
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of...
7.8CVSS
7.6AI Score
0.001EPSS
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited...
7.5CVSS
8.4AI Score
0.008EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags...
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
9.8CVSS
8.5AI Score
0.012EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and...
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()...
7.5CVSS
8.5AI Score
0.003EPSS
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and...
7.5CVSS
8.5AI Score
0.003EPSS
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in...
7CVSS
8.3AI Score
0.002EPSS
9.8CVSS
8.5AI Score
0.012EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via...
7.5CVSS
8.4AI Score
0.008EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()...
7.5CVSS
8.5AI Score
0.003EPSS
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must...
3.3CVSS
6.2AI Score
0.001EPSS
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing...
5.5CVSS
5.6AI Score
0.002EPSS
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in...
5.5CVSS
7.1AI Score
0.002EPSS
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process...
7.5CVSS
7.3AI Score
0.005EPSS
9.8CVSS
9.3AI Score
0.006EPSS
9.8CVSS
9.3AI Score
0.006EPSS
9.8CVSS
9.3AI Score
0.015EPSS
9.8CVSS
9.3AI Score
0.006EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.015EPSS
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in...
9.8CVSS
9.3AI Score
0.009EPSS
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several...
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.006EPSS
9.8CVSS
9.3AI Score
0.015EPSS