VYPR
Vendor

tcpreplay

Products
2
CVEs
25
Across products
31
Status
Private

Products

2

Recent CVEs

25
View all 25 CVEs →
  • CVE-2018-18408CriOct 17, 2018
    risk 0.64cvss 9.8epss 0.02

    A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.

  • CVE-2020-12740CriMay 8, 2020
    risk 0.59cvss 9.1epss 0.02

    tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.

  • CVE-2017-14266HigSep 12, 2017
    risk 0.54cvss 7.8epss 0.04

    tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.

  • CVE-2022-37048HigAug 18, 2022
    risk 0.51cvss 7.8epss 0.00

    The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.

  • CVE-2022-37047HigAug 18, 2022
    risk 0.51cvss 7.8epss 0.00

    The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.

  • CVE-2022-27941HigMar 26, 2022
    risk 0.51cvss 7.8epss 0.01

    tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.

  • CVE-2022-27940HigMar 26, 2022
    risk 0.51cvss 7.8epss 0.01

    tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.

  • CVE-2019-8381HigFeb 17, 2019
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have…

  • CVE-2019-8377HigFeb 17, 2019
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service…

  • CVE-2019-8376HigFeb 17, 2019
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation…

  • CVE-2024-22654HigMay 29, 2025
    risk 0.49cvss 7.5epss 0.00

    tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.

  • CVE-2020-24266HigOct 19, 2020
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.

  • CVE-2020-24265HigOct 19, 2020
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.

  • CVE-2016-6160HigJan 23, 2017
    risk 0.49cvss 7.5epss 0.02

    tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.

  • CVE-2018-17582HigSep 28, 2018
    risk 0.46cvss 7.1epss 0.01

    Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial…

  • CVE-2023-43279MedMar 12, 2024
    risk 0.42cvss 6.5epss 0.01

    Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.

  • CVE-2023-4256MedDec 21, 2023
    risk 0.36cvss 5.5epss 0.00

    Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local…

  • CVE-2022-27939MedMar 26, 2022
    risk 0.36cvss 5.5epss 0.01

    tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.

  • CVE-2021-45387MedFeb 11, 2022
    risk 0.36cvss 5.5epss 0.01

    tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.

  • CVE-2021-45386MedFeb 11, 2022
    risk 0.36cvss 5.5epss 0.01

    tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c