VYPR

Wireshark

by Wireshark

Source repositories

CVEs (736)

  • CVE-2021-39929Nov 19, 2021
    risk 0.00cvss epss 0.04

    Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

  • CVE-2021-39920Nov 18, 2021
    risk 0.00cvss epss 0.03

    NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

  • CVE-2021-39928Nov 18, 2021
    risk 0.00cvss epss 0.06

    NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

  • CVE-2021-22235Jul 20, 2021
    risk 0.00cvss epss 0.03

    Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file

  • CVE-2021-22222Jun 7, 2021
    risk 0.00cvss epss 0.02

    Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file

  • CVE-2021-22207Apr 23, 2021
    risk 0.00cvss epss 0.02

    Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

  • CVE-2021-22191Mar 15, 2021
    risk 0.00cvss epss 0.04

    Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

  • CVE-2021-22173Feb 17, 2021
    risk 0.00cvss epss 0.02

    Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

  • CVE-2021-22174Feb 17, 2021
    risk 0.00cvss epss 0.03

    Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

  • CVE-2020-26422Dec 21, 2020
    risk 0.00cvss epss 0.05

    Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file

  • CVE-2020-26418Dec 11, 2020
    risk 0.00cvss epss 0.03

    Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

  • CVE-2020-26421Dec 11, 2020
    risk 0.00cvss epss 0.03

    Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

  • CVE-2020-26420Dec 11, 2020
    risk 0.00cvss epss 0.03

    Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

  • CVE-2020-26419Dec 11, 2020
    risk 0.00cvss epss 0.03

    Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.

  • CVE-2020-28030Oct 30, 2020
    risk 0.00cvss epss 0.02

    In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.

  • CVE-2020-26575Oct 6, 2020
    risk 0.00cvss epss 0.03

    In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

  • CVE-2020-25863Oct 6, 2020
    risk 0.00cvss epss 0.05

    In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

  • CVE-2020-25866Oct 6, 2020
    risk 0.00cvss epss 0.04

    In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and…

  • CVE-2020-25862Oct 6, 2020
    risk 0.00cvss epss 0.02

    In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.

  • CVE-2020-17498Aug 13, 2020
    risk 0.00cvss epss 0.03

    In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

Page 21 of 37