Vulnerabilities (CVE)

Filtered by vendor Digitalcorpora Subscribe
Filtered by product Tcpflow
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18409 3 Canonical, Digitalcorpora, Fedoraproject 3 Ubuntu Linux, Tcpflow, Fedora 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
CVE-2018-14938 2 Canonical, Digitalcorpora 2 Ubuntu Linux, Tcpflow 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory (or a denial of service).