iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
Source: GitLab Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-07-14
Updated
2023-07-25
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file
Source: GitLab Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-07-14
Updated
2023-07-25
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file
Source: GitLab Inc.
Max CVSS
5.5
EPSS Score
0.09%
Published
2021-12-30
Updated
2022-11-04
Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file
Source: GitLab Inc.
Max CVSS
5.3
EPSS Score
0.15%
Published
2020-12-21
Updated
2022-09-02
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
Source: GitLab Inc.
Max CVSS
5.3
EPSS Score
0.40%
Published
2020-12-11
Updated
2022-09-02
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
Source: GitLab Inc.
Max CVSS
5.3
EPSS Score
0.33%
Published
2020-12-11
Updated
2022-09-02
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
Source: GitLab Inc.
Max CVSS
5.3
EPSS Score
0.33%
Published
2020-12-11
Updated
2022-09-02
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
Source: GitLab Inc.
Max CVSS
5.3
EPSS Score
0.48%
Published
2020-12-11
Updated
2022-09-02
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.16%
Published
2019-02-28
Updated
2022-04-05
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.15%
Published
2019-01-08
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.37%
Published
2019-01-08
Updated
2020-08-24
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.18%
Published
2019-01-08
Updated
2020-01-15
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.30%
Published
2019-01-08
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.22%
Published
2019-01-08
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.12%
Published
2018-11-29
Updated
2020-08-24
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.11%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.12%
Published
2018-11-29
Updated
2020-03-20
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-06-14
Updated
2019-10-03
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.08%
Published
2017-06-14
Updated
2019-10-03
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.30%
Published
2016-11-17
Updated
2017-07-28
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.30%
Published
2016-11-17
Updated
2017-07-28
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.51%
Published
2016-11-17
Updated
2017-07-28
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.21%
Published
2016-11-17
Updated
2017-07-28
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.46%
Published
2016-11-17
Updated
2017-07-28
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
Source: MITRE
Max CVSS
5.9
EPSS Score
0.32%
Published
2016-09-09
Updated
2016-09-29
253 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!