Lucene search
K
BroadcomTcpreplay

50 matches found

CVE
CVE
added 2020/05/08 5:3 p.m.166 views

CVE-2020-12740

CVE-2020-12740 affects Tcpreplay (tcprewrite) up to version 4.3.2, due to a heap-based buffer over-read in get_ipv6_next() in common/get.c. This can enable information disclosure and, depending on context, may contribute to remote denial of service when processing crafted pcap input. Multiple adv...

9.1CVSS8.9AI score0.01652EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.145 views

CVE-2023-27783

CVE-2023-27783 affects TCPreplay tcprewrite v4.4.3 (and related tcpreplay components). The root cause is in tcpedit_dlt_cleanup (plugins/dlt_plugins.c), allowing a remote attacker to trigger a denial of service. Public advisories confirm fixes in tcpreplay 4.4.4 and related patches for the affect...

7.5CVSS7.1AI score0.01506EPSS
CVE
CVE
added 2022/03/26 12:0 a.m.131 views

CVE-2022-27942

Tcpreplay 4.4.1 (specifically tcpprep) contains CVE-2022-27942: a heap-based buffer over-read in parse_mpls (common/get.c), with impact described as memory safety risk. Public sources in connected docs outline that this vulnerability is present in Tcpreplay 4.4.1 and has been addressed in later r...

7.8CVSS7.4AI score0.01105EPSS
CVE
CVE
added 2022/03/26 12:0 a.m.122 views

CVE-2022-27940

CVE-2022-27940 affects Tcpreplay 4.4.1’s tcprewrite component, with a heap-based buffer over-read in get_ipv6_next (common/get.c). Impact is partial confidentiality/integrity/availability; exploitability is shown in public advisories. Remediation consistently cited across sources is upgrading to ...

7.8CVSS7.4AI score0.011EPSS
CVE
CVE
added 2022/03/26 12:0 a.m.120 views

CVE-2022-27941

CVE-2022-27941 affects Tcpreplay v4.4.1 (tcprewrite) with a heap-based buffer over-read in get_l2len_protocol in common/get.c. The issue is addressed in later Tcpreplay versions (e.g., 4.4.2) per security advisories (ALT Linux/Mageia) and package updates; upgrade to 4.4.2+ to mitigate. Exploitati...

7.8CVSS7.4AI score0.011EPSS
CVE
CVE
added 2022/05/04 12:0 a.m.115 views

CVE-2022-28487

CVE-2022-28487 affects Tcpreplay 4.4.1, due to a memory-leak in fix_ipv6_checksums() with confidentiality impact. Connected advisories/documents consistently point to an upgrade to Tcpreplay 4.4.2 as the fix (e.g., Mageia 4.4.2-alt1, Gentoo GLSA 202210-08, Ubuntu USN 5205-1). Other related CVEs a...

7.5CVSS7.3AI score0.01918EPSS
CVE
CVE
added 2022/03/26 12:0 a.m.100 views

CVE-2022-27939

CVE-2022-27939 affects Tcpreplay (Tcprewrite) 4.4.1, with a reachable assertion in get_layer4_v6 in common/get.c. Multiple connected sources corroborate the issue, including the core description: “tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.” The issue...

5.5CVSS6AI score0.01028EPSS
CVE
CVE
added 2022/04/12 12:0 a.m.98 views

CVE-2022-27416

CVE-2022-27416 affects Tcpreplay v4.4.1, with a double-free vulnerability via __interceptor_free. Public notices and advisories (OSV, GLSA) reference this CVE and associate it with Tcpreplay 4.4.1; remediation is to upgrade to a newer release (e.g., Tcpreplay 4.4.2 or later) per the Gentoo GLSA g...

7.8CVSS7.6AI score0.0083EPSS
CVE
CVE
added 2022/03/22 4:49 p.m.97 views

CVE-2022-25484

CVE-2022-25484 affects tcpreplay’s 4.4.1 release, specifically the tcpprep component. The primary vulnerability details in the initial CVE describe a reachable assertion (assert(l2len > 0)) in packet2tree() within tree.c (tcpprep 4.4.1). Connected sources corroborate multiple memory/heap-relat...

5.5CVSS5.6AI score0.00597EPSS
CVE
CVE
added 2022/04/12 12:0 a.m.96 views

CVE-2022-27418

CVE-2022-27418 : Tcpreplay v4.4.1 contains a heap-based buffer overflow in do_checksum_math (tcpedit/checksum.c). Multiple connected sources confirm this vulnerability in Tcpreplay 4.4.1 with remediation guidance. Impact is documented as high/severe by CVSS vectors in public records. The availabl...

7.8CVSS7.7AI score0.00857EPSS
CVE
CVE
added 2022/02/11 12:0 a.m.93 views

CVE-2021-45387

CVE-2021-45387 affects tcpreplay 4.3.4, with a Reachable Assertion in add_tree_ipv4() located in tree.c. Public records (NVD, OSV, Gentoo GLSA, and Nessus notes) confirm this vulnerability is exploitable via a local vector and can impact availability (NVD CVSS3.1: LOCAL, LOW/or MEDIUM complexity,...

5.5CVSS5.3AI score0.00712EPSS
CVE
CVE
added 2024/03/12 12:0 a.m.92 views

CVE-2023-43279

Tcpreplay 4.4.4 contains a Null Pointer Dereference in mask_cidr6 (cidr.c) that can crash the application when processing a crafted tcprewrite command. This CVE-2023-43279 vulnerability has been acknowledged in multiple advisories and is tracked across vendors (e.g., openSUSE SUSE advises upgradi...

6.5CVSS5.2AI score0.00673EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.90 views

CVE-2023-27786

CVE-2023-27786 affects TCPreplay 4.4.3 (including TCPprep) with a denial-of-service via the macinstring function. Multiple advisories (openSUSE, Mageia, Fedora, Ubuntu) reference the same issue family and related CVEs (27783–27789). The underlying problem involves memory/string handling bugs (e.g...

7.5CVSS7.1AI score0.01468EPSS
CVE
CVE
added 2022/02/11 12:0 a.m.85 views

CVE-2021-45386

CVE-2021-45386 affects tcpreplay 4.3.4, with a reachable assertion in add_tree_ipv6() (tree.c). Multiple downstream advisories note fixes in newer tcpreplay releases (e.g., 4.4.1/4.4.2); Gentoo GLSA 202210-08 recommends upgrading to tcpreplay-4.4.2 to address CVE-2021-45386. Other sources (ALT Li...

5.5CVSS5.3AI score0.00712EPSS
CVE
CVE
added 2024/03/28 2:0 a.m.82 views

CVE-2024-3024

CVE-2024-3024 affects appneta tcpreplay up to version 4.4.4. The vulnerability is a heap-based buffer overflow in get_layer4_v6 in tcpreplay/src/common/get.c, exploitable via local access. Multiple connected sources confirm the issue and reference a public exploit; internal details are not provid...

7.8CVSS5.2AI score0.00437EPSS
CVE
CVE
added 2020/10/19 2:58 p.m.80 views

CVE-2020-24265

CVE-2020-24265 affects tcpreplay’s tcpprep component (version 4.3.3). The vulnerability is a heap buffer overflow in MemcmpInterceptorCommon(), leading to a crash and potential denial of service. Public details across connected documents indicate this issue was fixed in later releases (e.g., tcpr...

7.5CVSS7.5AI score0.02531EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.80 views

CVE-2023-27789

CVE-2023-27789 affects TCPreplay/tcpprep 4.4.3. The vulnerability is triggered via the cidr2cidr function in cidr.c:178, allowing a remote attacker to cause a denial of service. Connected documents corroborate multiple vendor advisories and security plugins (e.g., Mageia MGASA-2023-0188 and Ubunt...

7.5CVSS7.1AI score0.01468EPSS
CVE
CVE
added 2023/12/21 4:3 p.m.80 views

CVE-2023-4256

CVE-2023-4256 affects tcpreplay (tcprewrite component). A double-free vulnerability in tcpedit_dlt_cleanup() within plugins/dlt_plugins.c can be triggered by a crafted file, enabling a local DoS. Affected advisories/documentation in connected sources include openSUSE openSUSE-SU-2025-20119-1 (men...

5.5CVSS5.1AI score0.00326EPSS
CVE
CVE
added 2022/08/18 12:0 a.m.78 views

CVE-2022-37049

CVE-2022-37049 affects Tcpreplay 4.4.1, specifically the tcpprep component with a heap-based buffer overflow in parse_mpls (common/get.c:150). Documents confirm this CVE as part of a broader set of Tcpreplay vulnerabilities; advisories indicate fixes in Tcpreplay 4.4.2 (e.g., Mageia, Fedora). Imp...

7.8CVSS7.6AI score0.00403EPSS
CVE
CVE
added 2020/10/19 2:58 p.m.77 views

CVE-2020-24266

CVE-2020-24266 affects tcpreplay’s tcpprep v4.3.3. The issue is a heap buffer overflow in get_l2len(), which can cause tcpprep to crash and trigger a denial-of-service. Publicly cited advisories from multiple vendors document the vulnerable component and versions (tcpreplay 4.3.3) and confirm rem...

7.5CVSS7.5AI score0.02531EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.76 views

CVE-2023-27785

CVE-2023-27785 affects TCPreplay TCPprep v4.4.3 and allows remote denial of service via the parse endpoints function. Public advisories indicate fixes have been released (e.g., Mageia MGASA-2023-0188 and Ubuntu USN-7231-1) and patches are available; upgrading TCPreplay to a patched release is the...

7.5CVSS7.1AI score0.01468EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.74 views

CVE-2023-27784

CVE-2023-27784 affects TCPReplay/TCPreplay v4.4.3, where the read_hexstring function in utils.c:309 can be abused by a remote attacker to cause a denial of service. Public sources in the connected set corroborate this as part of multiple tcpreplay vulnerabilities and indicate a patch is available...

7.5CVSS7.1AI score0.01468EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.74 views

CVE-2023-27787

CVE-2023-27787 is corroborated by multiple connected advisories (Mageia, Fedora/OpenVAS, OSV, Ubuntu USN) detailing a DoS in TCPreplay/TCPprep v4.4.3 via parse_list (list.c:81). The vulnerability affects tcpreplay-related components and is publicly documented with remediation: apply vendor patche...

7.5CVSS7.1AI score0.01468EPSS
CVE
CVE
added 2017/09/12 8:0 a.m.73 views

CVE-2017-14266

The provided sources confirm a concrete vulnerability: Tcpreplay’s Tcprewrite (version 3.4.4) contains a heap-based buffer overflow triggered by a crafted PCAP file, potentially enabling memory corruption or code execution. This issue is related to CVE-2016-6160 (pre-4.1.2) and has public coverag...

7.8CVSS7.2AI score0.03587EPSS
CVE
CVE
added 2018/12/28 1:0 p.m.73 views

CVE-2018-20553

Tcpreplay vulnerability CVE-2018-20553 affects versions before 4.3.1 and is caused by a heap-based over-read in get_l2len (common/get.c). Public sources describe a heap-based issue in Tcpreplay that can crash the application and, in some advisories, potential denial of service or information expo...

7.8CVSS7.9AI score0.01249EPSS
CVE
CVE
added 2019/02/17 2:0 a.m.72 views

CVE-2019-8377

Tcpreplay 4.3.1 is affected by CVE-2019-8377 due to a NULL pointer dereference in get_ipv6_l4proto() in get.c when parsing a crafted pcap fed to tcpreplay-edit. This can trigger a Denial of Service via segmentation fault and may have unspecified other impact. Public remediation in the connected s...

7.8CVSS7.8AI score0.01317EPSS
CVE
CVE
added 2022/08/18 12:0 a.m.71 views

CVE-2022-37047

CVE-2022-37047 affects Tcpreplay v4.4.1 (component tcprewrite). It describes a heap-based buffer overflow in get_ipv6_next at common/get.c:713. Exploitation details are not provided in the given documents, but multiple sources note the issue alongside other CVEs for Tcpreplay and indicate a fixed...

7.8CVSS7.6AI score0.00403EPSS
CVE
CVE
added 2022/08/18 12:0 a.m.71 views

CVE-2022-37048

Summary: CVE-2022-37048 affects the Tcpreplay package, specifically the tcprewrite component in version 4.4.1, which contains a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. This is part of Tcpreplay 4.4.1 vulnerabilities cluster (alongside CVE-2022-27941 and others) repor...

7.8CVSS7.6AI score0.00403EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.69 views

CVE-2018-17582

Tcpreplay 4.3.0 beta1 contains multiple heap-based buffer over-reads in critical paths (e.g., get_next_packet in send_packets.c; fast_edit_packet in Tcpreplay; dlt_en10mb_encode in en10mb.c; incremental_checksum.h csum_replace4; tcpbridge in tcpreplay) that can lead to Denial of Service and poten...

7.1CVSS7.8AI score0.01211EPSS
CVE
CVE
added 2019/02/17 2:0 a.m.67 views

CVE-2019-8381

CVE-2019-8381 affects Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum() of checksum.c when processing crafted pcap files via tcpreplay-edit, leading to a Denial of Service (Segmentation fault) and potentially other impact. Remediation is to upgrade Tcpreplay to 4.3.2 (e.g., 4.3.2-...

7.8CVSS6.7AI score0.01048EPSS
CVE
CVE
added 2023/03/16 12:0 a.m.67 views

CVE-2023-27788

Summary : CVE-2023-27788 affects TCPrewrite 4.4.3 of Tcpreplay. A remote attacker can cause a denial of service via the ports2PORT function in portmap.c:69. The issue is rated AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD) with a base score of 7.5 (HIGH). Affected component : Tcpreplay Tcprewrite (par...

7.5CVSS7.1AI score0.01384EPSS
CVE
CVE
added 2018/10/17 4:0 a.m.66 views

CVE-2018-18408

Tcpreplay vulnerability CVE-2018-18408 affects the tcpbridge binary in Tcpreplay 4.3.0 beta1. The issue is a use-after-free in the function post_args() in tcpbridge.c, which can lead to denial of service and potentially other unspecified impact. The documents provided do not specify a fixed versi...

9.8CVSS8.6AI score0.02254EPSS
CVE
CVE
added 2017/01/23 9:0 p.m.65 views

CVE-2016-6160

CVE-2016-6160 affects tcpreplay’s tcprewrite utility; before version 4.1.2 it allows remote attackers to cause a denial of service (segmentation fault) by sending a large PCAP frame. The issue is related to CVE-2017-14266, which describes a heap-based buffer overflow in Tcpreplay 3.4.4 triggered ...

7.5CVSS7.1AI score0.02133EPSS
CVE
CVE
added 2019/02/17 2:0 a.m.65 views

CVE-2019-8376

Tcpreplay 4.3.1 contains multiple issues from get_layer4_v6(), get_ipv6_l4proto(), and do_checksum in tcpreplay-edit that can be triggered by crafted pcap files, allowing Denial of Service (segmentation fault) and potential other impact. The vulnerability set includes CVE-2019-8376 (get_layer4_v6...

7.8CVSS7.8AI score0.01317EPSS
CVE
CVE
added 2021/08/25 3:54 p.m.63 views

CVE-2020-18976

Tcpreplay 4.3.2 is affected by a buffer overflow in do_checksum (checksum.c) that can be triggered by a crafted pcap sent to tcpreplay-edit, leading to Denial of Service. Several sources (CNVD/CNNVD, CNVD-2021-93920; DEBIAN and Arch Linux advisories) confirm the flaw and its impact on tcpreplay, ...

5.5CVSS5.9AI score0.0066EPSS
CVE
CVE
added 2021/09/21 11:4 p.m.63 views

CVE-2020-23273

CVE-2020-23273 affects Tcpreplay v4.3.2, due to a heap-buffer overflow in the function randomize_iparp() in edit_packet.c. This flaw allows an attacker to cause a denial of service via a specially crafted pcap file. The connected sources consistently describe the same vulnerability class and impa...

5.5CVSS5.3AI score0.00632EPSS
CVE
CVE
added 2025/05/29 12:0 a.m.63 views

CVE-2024-22654

CVE-2024-22654 affects tcpreplay, where version 4.4.4 contains an infinite loop in the tcprewrite function (get.c). The issue is triggered in the network traffic replay tooling and has been acknowledged in multiple advisories. Public sources in the connected documents consistently reference this ...

7.5CVSS7.5AI score0.00372EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.62 views

CVE-2018-17580

CVE-2018-17580 affects Tcpreplay v4.3.0 beta1, with a heap-based buffer over-read in the function fast_edit_packet() in send_packets.c. This can cause a Denial of Service and potentially information exposure when processing crafted PCAP files. Public-advisory coverage shows fixes in later Tcprepl...

7.1CVSS7.8AI score0.01211EPSS
CVE
CVE
added 2018/10/17 4:0 a.m.60 views

CVE-2018-18407

CVE-2018-18407 affects Tcpreplay 4.3.0 beta1, where a heap-based over-read in tcpreplay-edit (csum_replace4() in incremental_checksum.h) can trigger a denial of service. The vulnerability concerns the incremental checksum path and does not affect confidentiality/integrity; availability is partial...

5.5CVSS6.8AI score0.01239EPSS
CVE
CVE
added 2018/10/03 10:0 p.m.58 views

CVE-2018-17974

CVE-2018-17974 is a heap-based buffer over-read in Tcpreplay 4.3.0 beta1, caused by improper length checks in dlt_en10mb_encode() (memmove) leading to potential Denial of Service. Affected product: Tcpreplay (binary components including dlt_en10mb/en10mb.c, send_packets.c, tcpreplay-edit, tcpbrid...

5.5CVSS7AI score0.00986EPSS
CVE
CVE
added 2018/12/28 1:0 p.m.57 views

CVE-2018-20552

CVE-2018-20552 affects Tcpreplay before 4.3.1, with a heap-based buffer over-read in packet2tree (tree.c). The issue can cause an application crash and, per multiple sources, may lead to denial of service or exposure of sensitive data. Affected users should upgrade to 4.3.1 or later (the fixed ve...

7.8CVSS7.9AI score0.01249EPSS
CVE
CVE
added 2017/03/15 3:0 p.m.54 views

CVE-2017-6429

CVE-2017-6429 concerns tcpreplay’s tcpcapinfo utility. A buffer overflow via a crafted pcap containing an over-size packet affects tcpreplay before 4.2.0 Beta1. Upstream fixes are in 4.2.5+; Fedora/Arch entries show upgrades to 4.2.5-1 or newer. Some sources explicitly state possible arbitrary-co...

7.8CVSS7.7AI score0.02501EPSS
CVE
CVE
added 2018/07/03 5:0 p.m.54 views

CVE-2018-13112

CVE-2018-13112 affects Tcpreplay (and its tcpprep-related routines) in version 4.3.0 beta1, where the function get_l2len in common/get.c may read beyond a heap boundary when processing crafted packet captures, leading to a denial of service (application crash). Public advisories (Fedora, Ubuntu U...

7.5CVSS7.9AI score0.02265EPSS
CVE
CVE
added 2025/08/15 7:2 a.m.42 views

CVE-2025-9019

CVE-2025-9019 affects tcpreplay 4.5.1 (tcpprep component) where the function mask_cidr6 in cidr.c can cause a heap-based buffer overflow . The description notes a remote attack with high complexity and no required user interaction, with exploitation reportedly possible on the latest 4.5.1/recent ...

5.9CVSS7.3AI score0.00918EPSS
CVE
CVE
added 2025/09/22 12:0 a.m.39 views

CVE-2025-51006

CVE-2025-51006 affects tcpreplay’s tcprewrite component. The vulnerability in dlt_linuxsll2_cleanup() (plugins/dlt_linuxsll2/linuxsll2.c) results from tcpedit_dlt_cleanup() potentially invoking the cleanup routine multiple times on the same memory region, enabling a local attacker to trigger a de...

7.8CVSS6.4AI score0.00172EPSS
CVE
CVE
added 2025/08/24 10:2 a.m.37 views

CVE-2025-9384

CVE-2025-9384 affects appneta tcpreplay up to version 4.5.1. The vulnerability is in tcpedit_post_args (src/tcpedit/parse_args.c) and can cause a null pointer dereference. Exploitation requires local access, and public proof-of-concept details exist. Remediation available via upgrade to 4.5.2-bet...

5.5CVSS3.9AI score0.00223EPSS
CVE
CVE
added 2025/08/24 10:32 a.m.33 views

CVE-2025-9385

CVE-2025-9385 affects appneta tcpreplay (tcprewrite component) where the function fix_ipv6_checksums in edit_packet.c can trigger a use-after-free. Impact is limited to local execution; the exploit has been published. Multiple advisories (openSUSE, Fedora, etc.) reference the same issue and note ...

5.5CVSS5.3AI score0.00218EPSS
CVE
CVE
added 2025/09/23 12:0 a.m.31 views

CVE-2025-51005

The CVE-2025-51005 entry affects tcpreplay-4.5.1, specifically the tcpliveplay utility. A heap-buffer-overflow occurs in the checksum calculation logic (do_checksum_math_liveplay) when processing crafted pcap files, which can lead to a denial of service. Connected sources corroborate the vulnerab...

7.5CVSS6.3AI score0.00359EPSS
CVE
CVE
added 2025/08/24 11:2 a.m.31 views

CVE-2025-9386

CVE-2025-9386 affects appneta tcpreplay up to 4.5.1, specifically the get_l2len_protocol function in tcprewrite/get.c. The issue enables a local use-after-free condition. Exploitation requires local access, and the exploit has been publicly disclosed. Remediation is to upgrade to tcpreplay 4.5.2-...

5.5CVSS5.3AI score0.00216EPSS
CVE
CVE
added 2025/08/29 1:32 p.m.24 views

CVE-2025-9649

CVE-2025-9649 affects appneta tcpreplay 4.5.1. The vulnerability is in the function calc_sleep_time (send_packets.c), where input handling leads to a divide-by-zero. Exploitation is local, with publicly disclosed exploit details. A fix is available in 4.5.3-beta3, and vendor notes indicate reprod...

5.5CVSS6.2AI score0.00225EPSS