VYPR

Vendor CVEs

Wireshark

All CVEs

736 total · sorted by risk
  • CVE-2011-1139Mar 3, 2011
    risk 0.00cvss epss 0.03

    wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.

  • CVE-2011-1138Mar 3, 2011
    risk 0.00cvss epss 0.03

    Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.

  • CVE-2011-0713Mar 3, 2011
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.

  • CVE-2011-0445Jan 13, 2011
    risk 0.00cvss epss 0.03

    The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.

  • CVE-2010-3445Nov 26, 2010
    risk 0.00cvss epss 0.04

    Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long…

  • CVE-2010-2994Aug 13, 2010
    risk 0.00cvss epss 0.02

    Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.

  • CVE-2010-2993Aug 13, 2010
    risk 0.00cvss epss 0.02

    The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

  • CVE-2010-2992Aug 13, 2010
    risk 0.00cvss epss 0.03

    packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.

  • CVE-2010-2287Jun 15, 2010
    risk 0.00cvss epss 0.01

    Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

  • CVE-2010-2286Jun 15, 2010
    risk 0.00cvss epss 0.01

    The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

  • CVE-2010-2285Jun 15, 2010
    risk 0.00cvss epss 0.01

    The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

  • CVE-2010-2284Jun 15, 2010
    risk 0.00cvss epss 0.01

    Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

  • CVE-2010-2283Jun 15, 2010
    risk 0.00cvss epss 0.01

    The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

  • CVE-2010-1455May 12, 2010
    risk 0.00cvss epss 0.02

    The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.

  • CVE-2009-4378Dec 21, 2009
    risk 0.00cvss epss 0.02

    The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."

  • CVE-2009-4377Dec 21, 2009
    risk 0.00cvss epss 0.03

    The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.

  • CVE-2009-3829Oct 30, 2009
    risk 0.00cvss epss 0.06

    Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."

  • CVE-2009-3551Oct 30, 2009
    risk 0.00cvss epss 0.02

    Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details…

  • CVE-2009-3550Oct 30, 2009
    risk 0.00cvss epss 0.02

    The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained…

  • CVE-2009-3549Oct 30, 2009
    risk 0.00cvss epss 0.03

    packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.

  • CVE-2009-2563Jul 21, 2009
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.

  • CVE-2009-2562Jul 21, 2009
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.

  • CVE-2009-2561Jul 21, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.

  • CVE-2009-2560Jul 21, 2009
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later…

  • CVE-2009-2559Jul 21, 2009
    risk 0.00cvss epss 0.02

    Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.

  • CVE-2009-1829May 29, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.

  • CVE-2009-1266Apr 21, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.

  • CVE-2009-1269Apr 13, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.

  • CVE-2009-1268Apr 13, 2009
    risk 0.00cvss epss 0.02

    The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.

  • CVE-2009-1267Apr 13, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.

  • CVE-2008-6472Mar 14, 2009
    risk 0.00cvss epss 0.02

    The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.

  • CVE-2009-0601Feb 16, 2009
    risk 0.00cvss epss 0.00

    Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.

  • CVE-2009-0600Feb 16, 2009
    risk 0.00cvss epss 0.02

    Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.

  • CVE-2009-0599Feb 16, 2009
    risk 0.00cvss epss 0.03

    Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.

  • CVE-2008-5285Dec 1, 2008
    risk 0.00cvss epss 0.02

    Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.

  • CVE-2008-4685Oct 22, 2008
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.

  • CVE-2008-4684Oct 22, 2008
    risk 0.00cvss epss 0.02

    packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post…

  • CVE-2008-4683Oct 22, 2008
    risk 0.00cvss epss 0.02

    The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.

  • CVE-2008-4681Oct 22, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.

  • CVE-2008-4680Oct 22, 2008
    risk 0.00cvss epss 0.03

    packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).

  • CVE-2008-3933Sep 4, 2008
    risk 0.00cvss epss 0.01

    Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.

  • CVE-2008-3932Sep 4, 2008
    risk 0.00cvss epss 0.02

    Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.

  • CVE-2008-3934Sep 4, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.

  • CVE-2008-3146Sep 2, 2008
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

  • CVE-2008-3145Jul 16, 2008
    risk 0.00cvss epss 0.02

    The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

  • CVE-2008-3138Jul 10, 2008
    risk 0.00cvss epss 0.02

    The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.

  • CVE-2008-3137Jul 10, 2008
    risk 0.00cvss epss 0.02

    The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

  • CVE-2008-3139Jul 10, 2008
    risk 0.00cvss epss 0.03

    The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

  • CVE-2008-3141Jul 10, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.

  • CVE-2008-1071Feb 28, 2008
    risk 0.00cvss epss 0.02

    The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.

Page 14 of 15