A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-03-23
An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-03-21
A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-03-23
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-11-16
Updated
2024-02-11
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.12%
Published
2023-10-04
Updated
2024-02-11
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-07-14
Updated
2023-07-25
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-07-14
Updated
2023-07-25
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.06%
Published
2023-05-30
Updated
2023-10-20
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.
Max CVSS
6.5
EPSS Score
0.06%
Published
2023-08-25
Updated
2023-09-15
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Max CVSS
6.5
EPSS Score
0.06%
Published
2023-05-26
Updated
2023-10-20
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-05-26
Updated
2023-10-20
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Max CVSS
6.5
EPSS Score
0.06%
Published
2023-05-26
Updated
2023-10-20
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-05-26
Updated
2023-10-20
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-05-26
Updated
2023-10-20
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.08%
Published
2023-04-12
Updated
2023-10-20
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.08%
Published
2023-04-12
Updated
2023-10-20
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-06-07
Updated
2023-10-20
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark
Max CVSS
6.5
EPSS Score
0.09%
Published
2023-06-07
Updated
2023-10-20
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-06-07
Updated
2023-10-20
Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-01-26
Updated
2023-02-09
GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.08%
Published
2023-01-26
Updated
2023-02-01
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.09%
Published
2023-01-26
Updated
2023-02-09
Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.08%
Published
2023-01-26
Updated
2023-02-01
Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.09%
Published
2023-01-26
Updated
2023-02-09
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Max CVSS
6.5
EPSS Score
0.08%
Published
2023-01-26
Updated
2023-02-09
425 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!