VYPR

Vendor CVEs

Wireshark

All CVEs

736 total · sorted by risk
  • CVE-2016-4415MedMay 1, 2016
    risk 0.38cvss 5.9epss 0.02

    wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted file.

  • CVE-2016-4084MedApr 25, 2016
    risk 0.38cvss 5.9epss 0.02

    Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service (integer overflow and application crash) via a crafted packet that triggers an unexpected array size.

  • CVE-2016-4083MedApr 25, 2016
    risk 0.38cvss 5.9epss 0.02

    epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not ensure that data is available before array allocation, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2016-4076MedApr 25, 2016
    risk 0.38cvss 5.9epss 0.02

    epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2016-2524MedFeb 28, 2016
    risk 0.38cvss 5.9epss 0.02

    epan/dissectors/packet-x509af.c in the X.509AF dissector in Wireshark 2.0.x before 2.0.2 mishandles the algorithm ID, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8740MedJan 4, 2016
    risk 0.38cvss 5.3epss 0.07

    The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application…

  • CVE-2026-9759MedMay 27, 2026
    risk 0.36cvss 5.5epss 0.00

    ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service

  • CVE-2017-9617MedJun 14, 2017
    risk 0.36cvss 5.5epss 0.01

    In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.

  • CVE-2017-9616MedJun 14, 2017
    risk 0.36cvss 5.5epss 0.01

    In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.

  • CVE-2016-2529MedFeb 28, 2016
    risk 0.36cvss 5.5epss 0.01

    The iseries_check_file_type function in wiretap/iseries.c in the iSeries file parser in Wireshark 2.0.x before 2.0.2 does not consider that a line may lack the "OBJECT PROTOCOL" substring, which allows remote attackers to cause a denial of service (out-of-bounds read and…

  • CVE-2016-2527MedFeb 28, 2016
    risk 0.36cvss 5.5epss 0.01

    wiretap/nettrace_3gpp_32_423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service (stack-based buffer overflow and…

  • CVE-2015-8742MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.01

    The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted…

  • CVE-2015-8741MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.01

    The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8738MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.01

    The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error…

  • CVE-2015-8737MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.01

    The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

  • CVE-2015-8734MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.01

    The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8722MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

  • CVE-2015-8721MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.

  • CVE-2015-8720MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a…

  • CVE-2015-8719MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8718MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via…

  • CVE-2015-8717MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8716MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8715MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

  • CVE-2015-8714MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8713MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.03

    epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted…

  • CVE-2015-8712MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2015-8711MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.02

    epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

  • CVE-2015-3182MedJan 4, 2016
    risk 0.36cvss 5.5epss 0.01

    epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2026-6525MedMay 2, 2026
    risk 0.29cvss 5.5epss 0.00

    IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4

  • CVE-2026-6870MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6869MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6867MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6538MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6537MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6536MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4

  • CVE-2026-6535MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6534MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6533MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6532MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6531MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6530MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6529MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6528MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service

  • CVE-2026-6527MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6526MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4

  • CVE-2026-6524MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6523MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6522MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

  • CVE-2026-6521MedApr 30, 2026
    risk 0.29cvss 5.5epss 0.00

    OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Page 5 of 15