Filtered by vendor Wireshark
Subscriptions
Filtered by product Wireshark
Subscriptions
Total
685 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11406 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values. | ||||
| CVE-2017-6473 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets. | ||||
| CVE-2017-6470 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness. | ||||
| CVE-2017-17084 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. | ||||
| CVE-2017-15190 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable. | ||||
| CVE-2017-15191 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. | ||||
| CVE-2017-17085 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. | ||||
| CVE-2017-5596 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow. | ||||
| CVE-2017-7702 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation. | ||||
| CVE-2017-5597 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow. | ||||
| CVE-2017-11408 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection. | ||||
| CVE-2017-11407 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt. | ||||
| CVE-2017-15189 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements. | ||||
| CVE-2017-7703 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly. | ||||
| CVE-2017-7748 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check. | ||||
| CVE-2017-13766 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. | ||||
| CVE-2017-9351 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully. | ||||
| CVE-2016-7957 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings. | ||||
| CVE-2017-9616 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. | ||||
| CVE-2017-9350 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length. | ||||