CVSS: 5.3EPSS: 2%CPEs: 1EXPL: 0CVE-2019-15161 – Apple Security Advisory 2019-12-10-3
https://notcve.org/view.php?id=CVE-2019-15161
03 Oct 2019 — rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. El archivo rpcapd/daemon.c en libpcap versiones anteriores a 1.9.1, maneja inapropiadamente ciertos valores de longitud debido a la reutilización de una variable. Esto puede abrir un vector de ataque involucrando datos adicionales al final de una petición. macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Upda... • http://seclists.org/fulldisclosure/2019/Dec/26 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2018-16451 – tcpdump: Buffer over-read in print_trans() function in print-smb.c
https://notcve.org/view.php?id=CVE-2018-16451
01 Oct 2019 — The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. El analizador SMB en tcpdump versiones anteriores a 4.9.3, presenta lecturas excesivas del búfer en print-smb.c:print_trans() para \MAILSLOT\BROWSE y \PIPE\LANMAN. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade pers... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2018-14470 – tcpdump: Buffer over-read in babel_print_v2() in print-babel.c
https://notcve.org/view.php?id=CVE-2018-14470
01 Oct 2019 — The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). El analizador Babel en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-babel.c:babel_print_v2(). Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Re... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 19EXPL: 1CVE-2019-15166 – lmp_print in tcpdump lacks certain boundary checks
https://notcve.org/view.php?id=CVE-2019-15166
01 Oct 2019 — lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. La función lmp_print_data_link_subobjs() en el archivo print-lmp.c en tcpdump versiones anteriores a 4.9.3, carece de ciertas comprobaciones de límites. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications r... • https://github.com/Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.0EPSS: 1%CPEs: 13EXPL: 1CVE-2018-14879 – tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c
https://notcve.org/view.php?id=CVE-2018-14879
01 Oct 2019 — The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). El analizador de argumentos de la línea de comandos en tcpdump versiones anteriores a 4.9.3, presenta un desbordamiento de búfer en tcpdump.c:get_next_file(). An out-of-bounds write vulnerability was discovered in tcpdump while reading the file passed to the -V option of the command line program. An attacker may abuse this flaw by tricking a victim user into using a malicious file with the -V option,... • https://github.com/Trinadh465/external_tcpdump_CVE-2018-14879 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2018-16230 – tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c
https://notcve.org/view.php?id=CVE-2018-16230
01 Oct 2019 — The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). El analizador BGP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applic... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2018-14461 – tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c
https://notcve.org/view.php?id=CVE-2018-14461
01 Oct 2019 — The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). El analizador LDP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-ldp.c:ldp_tlv_print(). An out-of-bounds read vulnerability was discovered in tcpdump while printing LDP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. R... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2018-16452 – tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c
https://notcve.org/view.php?id=CVE-2018-16452
01 Oct 2019 — The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. El analizador SMB en tcpdump versiones anteriores a 4.9.3, presenta un agotamiento de pila en smbutil.c:smb_fdata() mediante la recursividad. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2018-14466 – tcpdump: Buffer over-read in print-icmp6.c
https://notcve.org/view.php?id=CVE-2018-14466
01 Oct 2019 — The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). El analizador Rx en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en las funciones print-rx.c:rx_cache_find() y rx_cache_insert(). Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage f... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2018-10105 – tcpdump: SMB data printing mishandled
https://notcve.org/view.php?id=CVE-2018-10105
01 Oct 2019 — tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). tcpdump versiones anteriores a 4.9.3, maneja inapropiadamente la impresión de datos SMB (problema 2 de 2). Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed in... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-20: Improper Input Validation •