Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tcpdump tcpdump vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2000-1026
Multiple buffer overflows in LBNL tcpdump allow remote malicious users to execute arbitrary commands.
Lbl Tcpdump 3.4
Lbl Tcpdump 3.4a6
Lbl Tcpdump 3.5
Lbl Tcpdump 3.5 Alpha
1 EDB exploit
801
VMScore
CVE-2019-9971
PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an malicious user to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when u...
3cx Phone System Firmware 16.0.0.1570
Debian Debian Linux -
801
VMScore
CVE-2021-39244
Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX...
Altus Nexto Nx3003 Firmware 1.8.11.0
Altus Nexto Nx3004 Firmware 1.8.11.0
Altus Nexto Nx3005 Firmware 1.8.11.0
Altus Nexto Nx3010 Firmware 1.8.3.0
Altus Nexto Nx3020 Firmware 1.8.3.0
Altus Nexto Nx3030 Firmware 1.8.3.0
Altus Nexto Nx5100 Firmware 1.8.11.0
Altus Nexto Nx5101 Firmware 1.8.11.0
Altus Nexto Nx5110 Firmware 1.1.2.8
Altus Nexto Nx5210 Firmware 1.1.2.8
Altus Nexto Xpress Xp300 Firmware 1.8.11.0
Altus Nexto Xpress Xp315 Firmware 1.8.11.0
Altus Nexto Xpress Xp325 Firmware 1.8.11.0
Altus Nexto Xpress Xp340 Firmware 1.8.11.0
Altus Hadron Xtorm Hx3040 Firmware 1.7.58.0
801
VMScore
CVE-2016-4965
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Fortinet Fortiwan
764
VMScore
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote malicious users to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core....
Oracle Virtual Desktop Infrastructure
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.2.0.0
Oracle Storagetek Tape Analytics Sw Tool 2.3
2 EDB exploits
12 Github repositories
756
VMScore
CVE-2019-15709
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
Fortinet Fortiap-s
Fortinet Fortiap-w2
Fortinet Fortiap-u
755
VMScore
CVE-1999-1024
ip_print procedure in Tcpdump 3.4a allows remote malicious users to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.
Lbl Tcpdump 3.4
1 EDB exploit
725
VMScore
CVE-2018-1203
In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code wit...
Dell Emc Isilon Onefs
1 EDB exploit
685
VMScore
CVE-2007-3798
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and previous versions allows remote malicious users to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
Tcpdump Tcpdump
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Slackware Slackware 9.0
Slackware Slackware 9.1
Slackware Slackware 10.0
Slackware Slackware 10.1
Slackware Slackware 10.2
Slackware Slackware 11.0
Slackware Slackware 12.0
Freebsd Freebsd 6.2
Freebsd Freebsd
Freebsd Freebsd 6.1
Freebsd Freebsd 5.5
Apple Mac Os X Server
Apple Mac Os X
1 EDB exploit
670
VMScore
CVE-2017-5641
Previous versions of Apache Flex BlazeDS (4.7.2 and previous versions) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unkno...
Apache Flex Blazeds
Hp Xp Command View Advanced Edition
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »