Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tcpdump tcpdump vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-31357
A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The...
Juniper Junos Os Evolved 20.4
Juniper Junos Os Evolved 21.1
Juniper Junos Os Evolved 21.2
Juniper Junos Os Evolved
8.8
CVSSv3
CVE-2021-39244
Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
7.5
CVSSv3
CVE-2020-8037
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
Tcpdump Tcpdump 4.9.3
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos
7.5
CVSSv3
CVE-2020-8036
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.
Tcpdump Tcpdump 4.10.0
6.5
CVSSv3
CVE-2019-15709
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
Fortinet Fortiap-s
Fortinet Fortiap-w2
Fortinet Fortiap-u
5.3
CVSSv3
CVE-2019-15282
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. The vulnerability is due an issue in the authentication logic of the web-base...
Cisco Identity Services Engine Software 2.4\\(0.357\\)
Cisco Identity Services Engine Software
5.3
CVSSv3
CVE-2019-15161
rpcapd/daemon.c in libpcap prior to 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.
Tcpdump Libpcap
5.3
CVSSv3
CVE-2019-15162
rpcapd/daemon.c in libpcap prior to 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for malicious users to enumerate valid usernames.
Tcpdump Libpcap
7.5
CVSSv3
CVE-2019-15163
rpcapd/daemon.c in libpcap prior to 1.9.1 allows malicious users to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.
Tcpdump Libpcap
5.3
CVSSv3
CVE-2019-15164
rpcapd/daemon.c in libpcap prior to 1.9.1 allows SSRF because a URL may be provided as a capture source.
Tcpdump Libpcap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »