Vendor CVEs
tcpreplay
All CVEs
25 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-18408 | Cri | 0.64 | 9.8 | 0.02 | Oct 17, 2018 | A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. | ||
| CVE-2020-12740 | Cri | 0.59 | 9.1 | 0.02 | May 8, 2020 | tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. | ||
| CVE-2017-14266 | Hig | 0.54 | 7.8 | 0.04 | Sep 12, 2017 | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | ||
| CVE-2022-37048 | Hig | 0.51 | 7.8 | 0.00 | Aug 18, 2022 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. | ||
| CVE-2022-37047 | Hig | 0.51 | 7.8 | 0.00 | Aug 18, 2022 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. | ||
| CVE-2022-27941 | Hig | 0.51 | 7.8 | 0.01 | Mar 26, 2022 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | ||
| CVE-2022-27940 | Hig | 0.51 | 7.8 | 0.01 | Mar 26, 2022 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | ||
| CVE-2019-8381 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have… | ||
| CVE-2019-8377 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service… | ||
| CVE-2019-8376 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation… | ||
| CVE-2024-22654 | Hig | 0.49 | 7.5 | 0.00 | May 29, 2025 | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. | ||
| CVE-2020-24266 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2020 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service. | ||
| CVE-2020-24265 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2020 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service. | ||
| CVE-2016-6160 | Hig | 0.49 | 7.5 | 0.02 | Jan 23, 2017 | tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266. | ||
| CVE-2018-17582 | Hig | 0.46 | 7.1 | 0.01 | Sep 28, 2018 | Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial… | ||
| CVE-2023-43279 | Med | 0.42 | 6.5 | 0.01 | Mar 12, 2024 | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. | ||
| CVE-2023-4256 | Med | 0.36 | 5.5 | 0.00 | Dec 21, 2023 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local… | ||
| CVE-2022-27939 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2022 | tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | ||
| CVE-2021-45387 | Med | 0.36 | 5.5 | 0.01 | Feb 11, 2022 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. | ||
| CVE-2021-45386 | Med | 0.36 | 5.5 | 0.01 | Feb 11, 2022 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | ||
| CVE-2020-23273 | Med | 0.36 | 5.5 | 0.01 | Sep 22, 2021 | Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap. | ||
| CVE-2020-18976 | Med | 0.36 | 5.5 | 0.01 | Aug 25, 2021 | Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381. | ||
| CVE-2025-51005 | 0.00 | — | 0.00 | Sep 23, 2025 | A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible… | |||
| CVE-2025-51006 | 0.00 | — | 0.00 | Sep 22, 2025 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the… | |||
| CVE-2023-27783 | Hig | 0.00 | 7.5 | 0.02 | Mar 16, 2023 | An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. |
- risk 0.64cvss 9.8epss 0.02
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
- risk 0.59cvss 9.1epss 0.02
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.
- risk 0.54cvss 7.8epss 0.04
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
- risk 0.51cvss 7.8epss 0.00
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.
- risk 0.51cvss 7.8epss 0.00
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.
- risk 0.51cvss 7.8epss 0.01
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.
- risk 0.51cvss 7.8epss 0.01
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation…
- risk 0.49cvss 7.5epss 0.00
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
- risk 0.49cvss 7.5epss 0.02
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.
- risk 0.46cvss 7.1epss 0.01
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial…
- risk 0.42cvss 6.5epss 0.01
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
- risk 0.36cvss 5.5epss 0.00
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local…
- risk 0.36cvss 5.5epss 0.01
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
- risk 0.36cvss 5.5epss 0.01
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
- risk 0.36cvss 5.5epss 0.01
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
- risk 0.36cvss 5.5epss 0.01
Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.
- risk 0.36cvss 5.5epss 0.01
Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381.
- CVE-2025-51005Sep 23, 2025risk 0.00cvss —epss 0.00
A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible…
- CVE-2025-51006Sep 22, 2025risk 0.00cvss —epss 0.00
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the…
- risk 0.00cvss 7.5epss 0.02
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.