Vendor
Wireshark
Wireshark is free and open-source packet analyzer software. It is used for computer network analysis and troubleshooting, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.
Founded 1998
Products: 1
CVEs: 560
Across products: 5,157
Status: Private
Products: 1
- 5,157 CVEs
Recent CVEs: 560

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-5402 | High | 0.57 | 8.8 | 0.00 | | Apr 30, 2026 | TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution |
| CVE-2017-17085 | High | 0.52 | 7.5 | 0.07 | | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. |
| CVE-2017-9353 | High | 0.52 | 7.5 | 0.07 | | Jun 2, 2017 | In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address. |
| CVE-2017-9347 | High | 0.52 | 7.5 | 0.05 | | Jun 2, 2017 | In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. |
| CVE-2026-5405 | High | 0.51 | 7.8 | 0.00 | | May 1, 2026 | RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution |
| CVE-2026-5403 | High | 0.51 | 7.8 | 0.00 | | May 1, 2026 | SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution |
| CVE-2016-2521 | High | 0.51 | 7.8 | 0.00 | | Feb 28, 2016 | Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wireshark_application.cpp in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 on Windows allows local users to gain privileges via a Trojan horse riched20.dll.dll file in the current working directory, related to use of QLibrary. |
| CVE-2017-17084 | High | 0.49 | 7.5 | 0.01 | | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. |
| CVE-2017-17083 | High | 0.49 | 7.5 | 0.01 | | Dec 1, 2017 | In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. |
| CVE-2017-15193 | High | 0.49 | 7.5 | 0.01 | | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach. |
| CVE-2017-15192 | High | 0.49 | 7.5 | 0.00 | | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level. |
| CVE-2017-15191 | High | 0.49 | 7.5 | 0.01 | | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. |
| CVE-2017-15190 | High | 0.49 | 7.5 | 0.00 | | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable. |
| CVE-2017-15189 | High | 0.49 | 7.5 | 0.00 | | Oct 10, 2017 | In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements. |
| CVE-2017-13767 | High | 0.49 | 7.5 | 0.00 | | Aug 30, 2017 | In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation. |
| CVE-2017-13766 | High | 0.49 | 7.5 | 0.00 | | Aug 30, 2017 | In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. |
| CVE-2017-13765 | High | 0.49 | 7.5 | 0.01 | | Aug 30, 2017 | In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation. |
| CVE-2017-13764 | High | 0.49 | 7.5 | 0.00 | | Aug 30, 2017 | In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation. |
| CVE-2017-11411 | High | 0.49 | 7.5 | 0.00 | | Jul 18, 2017 | In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350. |
| CVE-2017-11408 | High | 0.49 | 7.5 | 0.01 | | Jul 18, 2017 | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection. |