Vulnerabilities (CVE)

Vendor filter

Wireshark Subscribe

Filter

548 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-18225 1 Wireshark 1 Wireshark 2018-11-29 5.0
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.
CVE-2018-18226 1 Wireshark 1 Wireshark 2018-11-29 7.8
In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.
CVE-2018-18227 1 Wireshark 1 Wireshark 2018-11-29 5.0
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
CVE-2015-2187 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 5.0
The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a...
CVE-2015-0563 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 5.0
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service...
CVE-2015-0559 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 5.0
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted...
CVE-2015-0561 4 Oracle, Novell, Wireshark and 1 more 4 Solaris, Wireshark, Opensuse and 1 more 2018-10-30 5.0
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application...
CVE-2015-2190 4 Oracle, Novell, Wireshark and 1 more 4 Solaris, Wireshark, Opensuse and 1 more 2018-10-30 5.0
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that...
CVE-2015-0564 5 Debian, Oracle, Novell and 2 more 6 Debian Linux, Solaris, Opensuse and 3 more 2018-10-30 5.0
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet...
CVE-2015-2189 6 Novell, Debian, Mageia and 3 more 7 Linux, Debian Linux, Wireshark and 4 more 2018-10-30 5.0
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash)...
CVE-2015-2192 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 5.0
Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted...
CVE-2015-2188 6 Novell, Debian, Mageia and 3 more 7 Linux, Debian Linux, Wireshark and 4 more 2018-10-30 5.0
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and...
CVE-2015-2191 5 Debian, Mageia, Novell and 2 more 5 Debian Linux, Mageia, Wireshark and 2 more 2018-10-30 5.0
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted...
CVE-2015-0560 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 5.0
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause...
CVE-2013-4081 4 Debian, Novell, Wireshark and 1 more 4 Debian Linux, Wireshark, Opensuse and 1 more 2018-10-30 5.0
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to...
CVE-2013-3556 4 Debian, Novell, Wireshark and 1 more 4 Debian Linux, Wireshark, Opensuse and 1 more 2018-10-30 5.0
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application...
CVE-2013-2475 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 3.3
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-4079 3 Novell, Wireshark, Opensuse 3 Wireshark, Opensuse, Opensuse 2018-10-30 5.0
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.
CVE-2013-2486 4 Debian, Novell, Wireshark and 1 more 4 Debian Linux, Wireshark, Opensuse and 1 more 2018-10-30 6.1
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a...
CVE-2013-3557 4 Debian, Novell, Wireshark and 1 more 4 Debian Linux, Wireshark, Opensuse and 1 more 2018-10-30 5.0
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of...