tcpreplay
Products
2- 20 CVEs
- 11 CVEs
Recent CVEs
25| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-18408 | Cri | 0.64 | 9.8 | 0.02 | Oct 17, 2018 | A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. | ||
| CVE-2020-12740 | Cri | 0.59 | 9.1 | 0.02 | May 8, 2020 | tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. | ||
| CVE-2017-14266 | Hig | 0.54 | 7.8 | 0.04 | Sep 12, 2017 | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | ||
| CVE-2022-37048 | Hig | 0.51 | 7.8 | 0.00 | Aug 18, 2022 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. | ||
| CVE-2022-37047 | Hig | 0.51 | 7.8 | 0.00 | Aug 18, 2022 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. | ||
| CVE-2022-27941 | Hig | 0.51 | 7.8 | 0.01 | Mar 26, 2022 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | ||
| CVE-2022-27940 | Hig | 0.51 | 7.8 | 0.01 | Mar 26, 2022 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | ||
| CVE-2019-8381 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have… | ||
| CVE-2019-8377 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service… | ||
| CVE-2019-8376 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation… | ||
| CVE-2024-22654 | Hig | 0.49 | 7.5 | 0.00 | May 29, 2025 | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. | ||
| CVE-2020-24266 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2020 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service. | ||
| CVE-2020-24265 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2020 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service. | ||
| CVE-2016-6160 | Hig | 0.49 | 7.5 | 0.02 | Jan 23, 2017 | tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266. | ||
| CVE-2018-17582 | Hig | 0.46 | 7.1 | 0.01 | Sep 28, 2018 | Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial… | ||
| CVE-2023-43279 | Med | 0.42 | 6.5 | 0.01 | Mar 12, 2024 | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. | ||
| CVE-2023-4256 | Med | 0.36 | 5.5 | 0.00 | Dec 21, 2023 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local… | ||
| CVE-2022-27939 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2022 | tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | ||
| CVE-2021-45387 | Med | 0.36 | 5.5 | 0.01 | Feb 11, 2022 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | ||
| CVE-2021-45386 | Med | 0.36 | 5.5 | 0.01 | Feb 11, 2022 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c |
- risk 0.64cvss 9.8epss 0.02
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
- risk 0.59cvss 9.1epss 0.02
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.
- risk 0.54cvss 7.8epss 0.04
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
- risk 0.51cvss 7.8epss 0.00
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.
- risk 0.51cvss 7.8epss 0.00
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.
- risk 0.51cvss 7.8epss 0.01
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.
- risk 0.51cvss 7.8epss 0.01
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation…
- risk 0.49cvss 7.5epss 0.00
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
- risk 0.49cvss 7.5epss 0.02
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.
- risk 0.46cvss 7.1epss 0.01
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial…
- risk 0.42cvss 6.5epss 0.01
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
- risk 0.36cvss 5.5epss 0.00
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local…
- risk 0.36cvss 5.5epss 0.01
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
- risk 0.36cvss 5.5epss 0.01
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
- risk 0.36cvss 5.5epss 0.01
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c