Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tcpdump tcpdump vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-10105
tcpdump prior to 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
Tcpdump Tcpdump
9.8
CVSSv3
CVE-2018-10103
tcpdump prior to 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
Tcpdump Tcpdump
9.8
CVSSv3
CVE-2017-5641
Previous versions of Apache Flex BlazeDS (4.7.2 and previous versions) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unkno...
Apache Flex Blazeds
Hp Xp Command View Advanced Edition
9.8
CVSSv3
CVE-2011-1935
pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote malicious users to send arbitrary data while avoiding detection via crafted packets.
Tcpdump Libpcap
9.8
CVSSv3
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
11 Github repositories
9.8
CVSSv3
CVE-2007-3798
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and previous versions allows remote malicious users to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
Tcpdump Tcpdump
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Slackware Slackware 9.0
Slackware Slackware 9.1
Slackware Slackware 10.0
Slackware Slackware 10.1
Slackware Slackware 10.2
Slackware Slackware 11.0
Slackware Slackware 12.0
Freebsd Freebsd 6.2
Freebsd Freebsd
Freebsd Freebsd 6.1
Freebsd Freebsd 5.5
Apple Mac Os X Server
Apple Mac Os X
1 EDB exploit
9.1
CVSSv3
CVE-2019-15167
The VRRP parser in tcpdump prior to 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.
Tcpdump Tcpdump
8.8
CVSSv3
CVE-2019-9971
PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an malicious user to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when u...
3cx Phone System Firmware 16.0.0.1570
Debian Debian Linux -
8.8
CVSSv3
CVE-2021-39244
Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
8.8
CVSSv3
CVE-2017-11455
diag.cgi in Pulse Connect Secure 8.2R1 up to and including 8.2R5, 8.1R1 up to and including 8.1R10 and Pulse Policy Secure 5.3R1 up to and including 5.3R5, 5.2R1 up to and including 5.2R8, and 5.1R1 up to and including 5.1R10 allow remote malicious users to hijack the authenticat...
Pulsesecure Pulse Connect Secure 8.2r1.1
Pulsesecure Pulse Connect Secure 8.2r2.0
Pulsesecure Pulse Connect Secure 8.1r1.0
Pulsesecure Pulse Connect Secure 8.2r4.0
Pulsesecure Pulse Connect Secure 8.2r5.0
Pulsesecure Pulse Connect Secure 8.2r1.0
Pulsesecure Pulse Connect Secure 8.2r4.1
Pulsesecure Pulse Connect Secure 8.2r3.1
Pulsesecure Pulse Connect Secure 8.2r3.0
Ivanti Connect Secure 8.1
Pulsesecure Pulse Policy Secure 5.1r5.0
Pulsesecure Pulse Policy Secure 5.1r1.1
Pulsesecure Pulse Policy Secure 5.1r2.0
Pulsesecure Pulse Policy Secure 5.2r7.0
Pulsesecure Pulse Policy Secure 5.3r7.0
Pulsesecure Pulse Policy Secure 5.3r4.1
Pulsesecure Pulse Policy Secure 5.3r2.0
Pulsesecure Pulse Policy Secure 5.3r3.0
Pulsesecure Pulse Policy Secure 5.1r10
Pulsesecure Pulse Policy Secure 5.3r1.0
Pulsesecure Pulse Policy Secure 5.1r2.1
Pulsesecure Pulse Policy Secure 5.1r1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »