tcpdump (SUSE:Linux Enterprise Server 12 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP4 package tcpdump, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2018-16301 — CVSS 7.8 (high): The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability…
CVE-2017-16808 — CVSS 5.5 (medium): tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
CVE-2018-19519 — CVSS 5.5 (medium): In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of…
CVE-2019-15165 — CVSS 5.3 (medium): sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
CVE-2019-1010220 — CVSS 3.3 (low): tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on…