VYPR

Wireshark

by Wireshark

Source repositories

CVEs (736)

  • CVE-2008-1563Mar 31, 2008
    risk 0.03cvss epss 0.04

    The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2020-9428Feb 27, 2020
    risk 0.01cvss epss 0.03

    In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

  • CVE-2019-13619Jul 17, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

  • CVE-2019-10903Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

  • CVE-2019-10901Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

  • CVE-2019-10899Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

  • CVE-2019-10896Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

  • CVE-2019-10895Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

  • CVE-2019-10894Apr 9, 2019
    risk 0.01cvss epss 0.06

    In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

  • CVE-2011-0444Jan 13, 2011
    risk 0.01cvss epss 0.07

    Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.

  • CVE-2010-2995Aug 13, 2010
    risk 0.01cvss epss 0.07

    The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error,…

  • CVE-2009-4376Dec 21, 2009
    risk 0.01cvss epss 0.07

    Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.

  • CVE-2007-6115Nov 23, 2007
    risk 0.01cvss epss 0.06

    Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.

  • CVE-2007-6114Nov 23, 2007
    risk 0.01cvss epss 0.06

    Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.

  • CVE-2007-6112Nov 23, 2007
    risk 0.01cvss epss 0.06

    Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

  • CVE-2006-3632Jul 21, 2006
    risk 0.01cvss epss 0.07

    Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.

  • CVE-2026-3203Feb 25, 2026
    risk 0.00cvss epss 0.00

    RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

  • CVE-2026-3202Feb 25, 2026
    risk 0.00cvss epss 0.00

    NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service

  • CVE-2026-3201Feb 25, 2026
    risk 0.00cvss epss 0.00

    USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

  • CVE-2026-0961Jan 14, 2026
    risk 0.00cvss epss 0.00

    BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

Page 16 of 37