{ "id":"CVE-2019-15165", "is_known_exploited_vuln":false, "description":"sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.", "urls":[ "https://nvd.nist.gov/vuln/detail/CVE-2019-15165", "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES", "https://github.com/the-tcpdump-group/libpcap/commit/a5a36d9e82dde7265e38fe1f87b7f11c461c29f6", "https://www.tcpdump.org/public-cve-list.txt", "https://github.com/the-tcpdump-group/libpcap/commit/87d6bef033062f969e70fa40c43dfd945d5a20ab", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00052.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html", "https://lists.debian.org/debian-lts-announce/2019/10/msg00031.html", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/", "https://support.apple.com/kb/HT210788", "https://usn.ubuntu.com/4221-1/", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://usn.ubuntu.com/4221-2/", "https://support.apple.com/kb/HT210790", "https://support.apple.com/kb/HT210785", "https://support.apple.com/kb/HT210789", "https://www.oracle.com/security-alerts/cpuapr2020.html", "https://lists.debian.org/debian-lts-announce/2021/12/msg00014.html" ] }{ "id":"CVE-2019-15161", "is_known_exploited_vuln":false, "description":"rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.", "urls":[ "https://nvd.nist.gov/vuln/detail/CVE-2019-15161", "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES", "https://www.tcpdump.org/public-cve-list.txt", "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://support.apple.com/kb/HT210790", "https://support.apple.com/kb/HT210789", "https://support.apple.com/kb/HT210785", "https://www.oracle.com/security-alerts/cpuapr2020.html" ] }{ "id":"CVE-2019-15164", "is_known_exploited_vuln":false, "description":"rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.", "urls":[ "https://nvd.nist.gov/vuln/detail/CVE-2019-15164", "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES", "https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a", "https://www.tcpdump.org/public-cve-list.txt", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://support.apple.com/kb/HT210790", "https://support.apple.com/kb/HT210789", "https://support.apple.com/kb/HT210785", "https://www.oracle.com/security-alerts/cpuapr2020.html" ] }{ "id":"CVE-2019-15163", "is_known_exploited_vuln":false, "description":"rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.", "urls":[ "https://nvd.nist.gov/vuln/detail/CVE-2019-15163", "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES", "https://github.com/the-tcpdump-group/libpcap/commit/437b273761adedcbd880f714bfa44afeec186a31", "https://www.tcpdump.org/public-cve-list.txt", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/", "https://support.f5.com/csp/article/K92862401?utm_source=f5support&utm_medium=RSS", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://support.apple.com/kb/HT210790", "https://support.apple.com/kb/HT210785", "https://support.apple.com/kb/HT210789", "https://www.oracle.com/security-alerts/cpuapr2020.html" ] }{ "id":"CVE-2019-15162", "is_known_exploited_vuln":false, "description":"rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.", "urls":[ "https://nvd.nist.gov/vuln/detail/CVE-2019-15162", "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES", "https://www.tcpdump.org/public-cve-list.txt", "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://support.apple.com/kb/HT210790", "https://support.apple.com/kb/HT210789", "https://support.apple.com/kb/HT210785", "https://www.oracle.com/security-alerts/cpuapr2020.html" ] }