| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-0585 |
834 |
|
DoS |
2022-02-18 |
2022-11-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file |
|
2 |
CVE-2021-4183 |
125 |
|
DoS |
2021-12-30 |
2022-11-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file |
|
3 |
CVE-2020-17498 |
415 |
|
|
2020-08-13 |
2022-09-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression. |
|
4 |
CVE-2019-9209 |
787 |
|
Overflow |
2019-02-28 |
2022-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values. |
|
5 |
CVE-2019-5721 |
416 |
|
|
2019-01-08 |
2020-03-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided. |
|
6 |
CVE-2019-5719 |
327 |
|
|
2019-01-08 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block. |
|
7 |
CVE-2019-5718 |
125 |
|
|
2019-01-08 |
2020-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check. |
|
8 |
CVE-2019-5717 |
20 |
|
|
2019-01-08 |
2020-03-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero. |
|
9 |
CVE-2019-5716 |
20 |
|
|
2019-01-08 |
2020-03-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation. |
|
10 |
CVE-2018-19626 |
125 |
|
|
2018-11-29 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. |
|
11 |
CVE-2018-19625 |
125 |
|
|
2018-11-29 |
2020-03-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. |
|
12 |
CVE-2018-19624 |
476 |
|
|
2018-11-29 |
2020-03-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. |
|
13 |
CVE-2018-5335 |
119 |
|
Overflow |
2018-01-11 |
2019-03-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length. |
|
14 |
CVE-2018-5334 |
119 |
|
Overflow |
2018-01-11 |
2019-03-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks. |
|
15 |
CVE-2017-9617 |
674 |
|
|
2017-06-14 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector. |
|
16 |
CVE-2017-9616 |
674 |
|
|
2017-06-14 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. |
|
17 |
CVE-2016-9376 |
399 |
|
|
2016-11-17 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large. |
|
18 |
CVE-2016-9375 |
20 |
|
|
2016-11-17 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful. |
|
19 |
CVE-2016-9374 |
119 |
|
Overflow |
2016-11-17 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable. |
|
20 |
CVE-2016-9373 |
416 |
|
|
2016-11-17 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings. |
|
21 |
CVE-2016-9372 |
20 |
|
|
2016-11-17 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects. |
|
22 |
CVE-2016-7180 |
416 |
|
DoS |
2016-09-09 |
2016-09-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. |
|
23 |
CVE-2016-7179 |
119 |
|
DoS Overflow |
2016-09-09 |
2016-09-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
24 |
CVE-2016-7178 |
787 |
|
DoS |
2016-09-09 |
2016-09-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet. |
|
25 |
CVE-2016-7177 |
119 |
|
DoS Overflow |
2016-09-09 |
2016-09-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. |
|
26 |
CVE-2016-7176 |
119 |
|
DoS Overflow |
2016-09-09 |
2016-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet. |
|
27 |
CVE-2016-7175 |
125 |
|
DoS |
2016-09-09 |
2016-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. |
|
28 |
CVE-2016-6513 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
29 |
CVE-2016-6512 |
20 |
|
DoS Overflow |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors. |
|
30 |
CVE-2016-6511 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet. |
|
31 |
CVE-2016-6510 |
189 |
|
DoS Overflow |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. |
|
32 |
CVE-2016-6509 |
20 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
33 |
CVE-2016-6508 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet. |
|
34 |
CVE-2016-6507 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
35 |
CVE-2016-6506 |
399 |
|
DoS |
2016-08-06 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
36 |
CVE-2016-6505 |
369 |
|
DoS |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet. |
|
37 |
CVE-2016-6504 |
476 |
|
DoS |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. |
|
38 |
CVE-2016-6503 |
20 |
|
DoS |
2016-08-06 |
2017-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
39 |
CVE-2016-5359 |
119 |
|
DoS Overflow |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted packet. |
|
40 |
CVE-2016-5358 |
20 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
41 |
CVE-2016-5357 |
20 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. |
|
42 |
CVE-2016-5356 |
119 |
|
DoS Overflow |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. |
|
43 |
CVE-2016-5355 |
20 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. |
|
44 |
CVE-2016-5354 |
476 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
45 |
CVE-2016-5353 |
20 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
46 |
CVE-2016-5352 |
125 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
47 |
CVE-2016-5351 |
20 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
|
48 |
CVE-2016-5350 |
399 |
|
DoS |
2016-08-07 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
49 |
CVE-2016-4421 |
20 |
|
DoS |
2016-05-01 |
2016-12-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption, and application crash) via a packet that specifies deeply nested data. |
|
50 |
CVE-2016-4420 |
20 |
|
DoS |
2016-05-01 |
2016-05-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
