Vulnerabilities (CVE)

Filtered by vendor Wireshark Subscribe
Total 665 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-11361 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
CVE-2018-11357 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
CVE-2018-7320 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
CVE-2018-9272 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
CVE-2018-7335 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.
CVE-2018-7327 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths.
CVE-2018-9266 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak.
CVE-2018-7418 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
CVE-2018-7325 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.
CVE-2018-7332 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length.
CVE-2018-7324 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.
CVE-2018-7322 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.
CVE-2018-7421 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification.
CVE-2018-11354 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
CVE-2018-9273 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.
CVE-2018-11356 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
CVE-2018-9274 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.
CVE-2018-9269 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.
CVE-2018-7333 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.
CVE-2018-7337 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.