Filtered by vendor Wireshark
Subscriptions
Filtered by product Wireshark
Subscriptions
Total
689 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-4855 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2025-08-07 | 3.6 Low |
| Use after free issue in editcap could cause denial of service via crafted capture file | ||||
| CVE-2024-0210 | 1 Wireshark | 1 Wireshark | 2025-06-17 | 7.8 High |
| Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-0207 | 1 Wireshark | 1 Wireshark | 2025-06-17 | 7.8 High |
| HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2023-6174 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-06-11 | 6.3 Medium |
| SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2022-3725 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2025-05-09 | 6.3 Medium |
| Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-11595 | 1 Wireshark | 1 Wireshark | 2025-05-07 | 7.8 High |
| FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2024-11596 | 1 Wireshark | 1 Wireshark | 2025-05-07 | 7.8 High |
| ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2022-3724 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2025-04-22 | 6.3 Medium |
| Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows | ||||
| CVE-2017-13766 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. | ||||
| CVE-2017-9343 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address. | ||||
| CVE-2017-13764 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation. | ||||
| CVE-2017-6014 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory. | ||||
| CVE-2017-6467 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size. | ||||
| CVE-2017-9349 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value. | ||||
| CVE-2017-11411 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350. | ||||
| CVE-2017-6473 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets. | ||||
| CVE-2017-11410 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702. | ||||
| CVE-2017-11409 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type. | ||||
| CVE-2017-9351 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully. | ||||
| CVE-2017-9348 | 1 Wireshark | 1 Wireshark | 2025-04-20 | N/A |
| In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value. | ||||