Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
Max CVSS
7.5
EPSS Score
1.34%
Published
2018-09-14
Updated
2020-08-24
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.
Max CVSS
7.5
EPSS Score
0.70%
Published
2018-10-12
Updated
2020-10-15
In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.
Max CVSS
7.8
EPSS Score
0.70%
Published
2018-10-12
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
Max CVSS
7.5
EPSS Score
0.87%
Published
2018-10-12
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
Max CVSS
7.5
EPSS Score
0.22%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.
Max CVSS
7.5
EPSS Score
0.35%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.
Max CVSS
5.5
EPSS Score
0.12%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.
Max CVSS
5.5
EPSS Score
0.11%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
Max CVSS
5.5
EPSS Score
0.12%
Published
2018-11-29
Updated
2020-08-24
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.
Max CVSS
7.5
EPSS Score
2.22%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
Max CVSS
7.5
EPSS Score
0.25%
Published
2018-11-29
Updated
2020-03-20
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!