VYPR

Wireshark

by Wireshark

Source repositories

CVEs (736)

  • CVE-2018-11362HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.

  • CVE-2018-11361HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.

  • CVE-2018-11360HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.04

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.

  • CVE-2018-11359HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.

  • CVE-2018-11358HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.

  • CVE-2018-11357HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.

  • CVE-2018-11356HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.

  • CVE-2018-11355HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.

  • CVE-2018-11354HigMay 22, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.

  • CVE-2018-9274HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.

  • CVE-2018-9273HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.

  • CVE-2018-9272HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.

  • CVE-2018-9271HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.

  • CVE-2018-9270HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak.

  • CVE-2018-9269HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.

  • CVE-2018-9268HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak.

  • CVE-2018-9267HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak.

  • CVE-2018-9266HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak.

  • CVE-2018-9265HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.02

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.

  • CVE-2018-9264HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.03

    In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency.

Page 2 of 37