Vendor CVEs
Appneta
All CVEs
26 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14266 | Hig | 0.54 | 7.8 | 0.04 | Sep 12, 2017 | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | ||
| CVE-2018-13112 | Hig | 0.49 | 7.5 | 0.02 | Jul 3, 2018 | get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. | ||
| CVE-2018-17582 | Hig | 0.46 | 7.1 | 0.01 | Sep 28, 2018 | Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial… | ||
| CVE-2018-17580 | Hig | 0.46 | 7.1 | 0.01 | Sep 28, 2018 | A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. | ||
| CVE-2024-54192 | Med | 0.36 | 5.5 | 0.00 | Feb 10, 2026 | An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c. | ||
| CVE-2018-17974 | Med | 0.36 | 5.5 | 0.01 | Oct 3, 2018 | An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than… | ||
| CVE-2025-9386 | Med | 0.34 | 5.3 | 0.00 | Aug 24, 2025 | A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been… | ||
| CVE-2025-9385 | Med | 0.34 | 5.3 | 0.00 | Aug 24, 2025 | A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been… | ||
| CVE-2025-9157 | Med | 0.34 | 5.3 | 0.00 | Aug 19, 2025 | A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on… | ||
| CVE-2025-9649 | Low | 0.21 | 3.3 | 0.00 | Aug 29, 2025 | A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used.… | ||
| CVE-2025-9384 | Low | 0.21 | 3.3 | 0.00 | Aug 24, 2025 | A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may… | ||
| CVE-2024-3024 | 0.00 | — | 0.00 | Mar 28, 2024 | A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The… | |||
| CVE-2023-4256 | 0.00 | — | 0.00 | Dec 21, 2023 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local… | |||
| CVE-2023-27786 | 0.00 | — | 0.01 | Mar 16, 2023 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | |||
| CVE-2023-27788 | 0.00 | — | 0.01 | Mar 16, 2023 | An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | |||
| CVE-2023-27789 | 0.00 | — | 0.01 | Mar 16, 2023 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | |||
| CVE-2022-28487 | 0.00 | — | 0.02 | May 4, 2022 | Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. | |||
| CVE-2021-45386 | 0.00 | — | 0.01 | Feb 11, 2022 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | |||
| CVE-2020-23273 | 0.00 | — | 0.01 | Sep 21, 2021 | Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap. | |||
| CVE-2019-8381 | 0.00 | — | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have… | |||
| CVE-2019-8376 | 0.00 | — | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation… | |||
| CVE-2019-8377 | 0.00 | — | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service… | |||
| CVE-2018-20552 | 0.00 | — | 0.01 | Dec 28, 2018 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | |||
| CVE-2018-20553 | 0.00 | — | 0.01 | Dec 28, 2018 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | |||
| CVE-2018-18408 | 0.00 | — | 0.02 | Oct 17, 2018 | A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. | |||
| CVE-2018-18407 | 0.00 | — | 0.01 | Oct 17, 2018 | A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. |
- risk 0.54cvss 7.8epss 0.04
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
- risk 0.49cvss 7.5epss 0.02
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.
- risk 0.46cvss 7.1epss 0.01
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial…
- risk 0.46cvss 7.1epss 0.01
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.
- risk 0.36cvss 5.5epss 0.00
An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpedit_dlt_getplugin function at src/tcpedit/plugins/dlt_utils.c.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than…
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been…
- risk 0.34cvss 5.3epss 0.00
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on…
- risk 0.21cvss 3.3epss 0.00
A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used.…
- risk 0.21cvss 3.3epss 0.00
A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may…
- CVE-2024-3024Mar 28, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The…
- CVE-2023-4256Dec 21, 2023risk 0.00cvss —epss 0.00
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local…
- CVE-2023-27786Mar 16, 2023risk 0.00cvss —epss 0.01
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
- CVE-2023-27788Mar 16, 2023risk 0.00cvss —epss 0.01
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.
- CVE-2023-27789Mar 16, 2023risk 0.00cvss —epss 0.01
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.
- CVE-2022-28487May 4, 2022risk 0.00cvss —epss 0.02
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
- CVE-2021-45386Feb 11, 2022risk 0.00cvss —epss 0.01
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
- CVE-2020-23273Sep 21, 2021risk 0.00cvss —epss 0.01
Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.
- CVE-2019-8381Feb 17, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have…
- CVE-2019-8376Feb 17, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation…
- CVE-2019-8377Feb 17, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service…
- CVE-2018-20552Dec 28, 2018risk 0.00cvss —epss 0.01
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
- CVE-2018-20553Dec 28, 2018risk 0.00cvss —epss 0.01
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
- CVE-2018-18408Oct 17, 2018risk 0.00cvss —epss 0.02
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
- CVE-2018-18407Oct 17, 2018risk 0.00cvss —epss 0.01
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.