Vendor CVEs
Wireshark
All CVEs
736 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-1563 | 0.03 | — | 0.04 | Mar 31, 2008 | The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||
| CVE-2020-9428 | 0.01 | — | 0.03 | Feb 27, 2020 | In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing. | |||
| CVE-2019-13619 | 0.01 | — | 0.06 | Jul 17, 2019 | In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments. | |||
| CVE-2019-10903 | 0.01 | — | 0.06 | Apr 9, 2019 | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check. | |||
| CVE-2019-10901 | 0.01 | — | 0.06 | Apr 9, 2019 | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly. | |||
| CVE-2019-10899 | 0.01 | — | 0.06 | Apr 9, 2019 | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. | |||
| CVE-2019-10896 | 0.01 | — | 0.06 | Apr 9, 2019 | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes. | |||
| CVE-2019-10895 | 0.01 | — | 0.06 | Apr 9, 2019 | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. | |||
| CVE-2019-10894 | 0.01 | — | 0.06 | Apr 9, 2019 | In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called. | |||
| CVE-2011-0444 | 0.01 | — | 0.07 | Jan 13, 2011 | Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. | |||
| CVE-2010-2995 | 0.01 | — | 0.07 | Aug 13, 2010 | The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error,… | |||
| CVE-2009-4376 | 0.01 | — | 0.07 | Dec 21, 2009 | Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | |||
| CVE-2007-6115 | 0.01 | — | 0.06 | Nov 23, 2007 | Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. | |||
| CVE-2007-6114 | 0.01 | — | 0.06 | Nov 23, 2007 | Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. | |||
| CVE-2007-6112 | 0.01 | — | 0.06 | Nov 23, 2007 | Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | |||
| CVE-2006-3632 | 0.01 | — | 0.07 | Jul 21, 2006 | Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. | |||
| CVE-2026-3203 | 0.00 | — | 0.00 | Feb 25, 2026 | RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service | |||
| CVE-2026-3202 | 0.00 | — | 0.00 | Feb 25, 2026 | NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service | |||
| CVE-2026-3201 | 0.00 | — | 0.00 | Feb 25, 2026 | USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service | |||
| CVE-2026-0961 | 0.00 | — | 0.00 | Jan 14, 2026 | BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | |||
| CVE-2026-0962 | 0.00 | — | 0.00 | Jan 14, 2026 | SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | |||
| CVE-2026-0960 | 0.00 | — | 0.00 | Jan 14, 2026 | HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service | |||
| CVE-2026-0959 | 0.00 | — | 0.00 | Jan 14, 2026 | IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | |||
| CVE-2025-13946 | 0.00 | — | 0.00 | Dec 3, 2025 | MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service | |||
| CVE-2025-13945 | 0.00 | — | 0.00 | Dec 3, 2025 | HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service | |||
| CVE-2025-13674 | 0.00 | — | 0.00 | Nov 26, 2025 | BPv7 dissector crash in Wireshark 4.6.0 allows denial of service | |||
| CVE-2025-13499 | 0.00 | — | 0.00 | Nov 21, 2025 | Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service | |||
| CVE-2025-11626 | 0.00 | — | 0.00 | Oct 10, 2025 | MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service | |||
| CVE-2025-9817 | 0.00 | — | 0.00 | Sep 3, 2025 | SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service | |||
| CVE-2025-5601 | 0.00 | — | 0.00 | Jun 4, 2025 | Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file | |||
| CVE-2025-1492 | 0.00 | — | 0.00 | Feb 20, 2025 | Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-11596 | 0.00 | — | 0.00 | Nov 21, 2024 | ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-11595 | 0.00 | — | 0.00 | Nov 21, 2024 | FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-9781 | 0.00 | — | 0.00 | Oct 10, 2024 | AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-9780 | 0.00 | — | 0.00 | Oct 10, 2024 | ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-8645 | 0.00 | — | 0.00 | Sep 10, 2024 | SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-8250 | 0.00 | — | 0.00 | Aug 28, 2024 | NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-4854 | 0.00 | — | 0.01 | May 14, 2024 | MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file | |||
| CVE-2024-2955 | 0.00 | — | 0.01 | Mar 26, 2024 | T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file | |||
| CVE-2023-6175 | 0.00 | — | 0.03 | Mar 26, 2024 | NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file | |||
| CVE-2024-24479 | 0.00 | — | 0.01 | Feb 21, 2024 | A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | |||
| CVE-2024-24476 | 0.00 | — | 0.01 | Feb 21, 2024 | A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | |||
| CVE-2024-24478 | 0.00 | — | 0.01 | Feb 21, 2024 | An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other… | |||
| CVE-2024-0211 | 0.00 | — | 0.01 | Jan 3, 2024 | DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-0210 | 0.00 | — | 0.00 | Jan 3, 2024 | Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-0209 | 0.00 | — | 0.01 | Jan 3, 2024 | IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-0208 | 0.00 | — | 0.02 | Jan 3, 2024 | GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | |||
| CVE-2024-0207 | 0.00 | — | 0.00 | Jan 3, 2024 | HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | |||
| CVE-2023-6174 | 0.00 | — | 0.01 | Nov 16, 2023 | SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | |||
| CVE-2023-5371 | 0.00 | — | 0.00 | Oct 4, 2023 | RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file |
- CVE-2008-1563Mar 31, 2008risk 0.03cvss —epss 0.04
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
- CVE-2020-9428Feb 27, 2020risk 0.01cvss —epss 0.03
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
- CVE-2019-13619Jul 17, 2019risk 0.01cvss —epss 0.06
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.
- CVE-2019-10903Apr 9, 2019risk 0.01cvss —epss 0.06
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
- CVE-2019-10901Apr 9, 2019risk 0.01cvss —epss 0.06
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
- CVE-2019-10899Apr 9, 2019risk 0.01cvss —epss 0.06
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.
- CVE-2019-10896Apr 9, 2019risk 0.01cvss —epss 0.06
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
- CVE-2019-10895Apr 9, 2019risk 0.01cvss —epss 0.06
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.
- CVE-2019-10894Apr 9, 2019risk 0.01cvss —epss 0.06
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
- CVE-2011-0444Jan 13, 2011risk 0.01cvss —epss 0.07
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.
- CVE-2010-2995Aug 13, 2010risk 0.01cvss —epss 0.07
The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error,…
- CVE-2009-4376Dec 21, 2009risk 0.01cvss —epss 0.07
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
- CVE-2007-6115Nov 23, 2007risk 0.01cvss —epss 0.06
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
- CVE-2007-6114Nov 23, 2007risk 0.01cvss —epss 0.06
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.
- CVE-2007-6112Nov 23, 2007risk 0.01cvss —epss 0.06
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
- CVE-2006-3632Jul 21, 2006risk 0.01cvss —epss 0.07
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.
- CVE-2026-3203Feb 25, 2026risk 0.00cvss —epss 0.00
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
- CVE-2026-3202Feb 25, 2026risk 0.00cvss —epss 0.00
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service
- CVE-2026-3201Feb 25, 2026risk 0.00cvss —epss 0.00
USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
- CVE-2026-0961Jan 14, 2026risk 0.00cvss —epss 0.00
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service
- CVE-2026-0962Jan 14, 2026risk 0.00cvss —epss 0.00
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service
- CVE-2026-0960Jan 14, 2026risk 0.00cvss —epss 0.00
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service
- CVE-2026-0959Jan 14, 2026risk 0.00cvss —epss 0.00
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service
- CVE-2025-13946Dec 3, 2025risk 0.00cvss —epss 0.00
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service
- CVE-2025-13945Dec 3, 2025risk 0.00cvss —epss 0.00
HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service
- CVE-2025-13674Nov 26, 2025risk 0.00cvss —epss 0.00
BPv7 dissector crash in Wireshark 4.6.0 allows denial of service
- CVE-2025-13499Nov 21, 2025risk 0.00cvss —epss 0.00
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service
- CVE-2025-11626Oct 10, 2025risk 0.00cvss —epss 0.00
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service
- CVE-2025-9817Sep 3, 2025risk 0.00cvss —epss 0.00
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service
- CVE-2025-5601Jun 4, 2025risk 0.00cvss —epss 0.00
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
- CVE-2025-1492Feb 20, 2025risk 0.00cvss —epss 0.00
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
- CVE-2024-11596Nov 21, 2024risk 0.00cvss —epss 0.00
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
- CVE-2024-11595Nov 21, 2024risk 0.00cvss —epss 0.00
FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
- CVE-2024-9781Oct 10, 2024risk 0.00cvss —epss 0.00
AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file
- CVE-2024-9780Oct 10, 2024risk 0.00cvss —epss 0.00
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file
- CVE-2024-8645Sep 10, 2024risk 0.00cvss —epss 0.00
SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file
- CVE-2024-8250Aug 28, 2024risk 0.00cvss —epss 0.00
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
- CVE-2024-4854May 14, 2024risk 0.00cvss —epss 0.01
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
- CVE-2024-2955Mar 26, 2024risk 0.00cvss —epss 0.01
T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file
- CVE-2023-6175Mar 26, 2024risk 0.00cvss —epss 0.03
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file
- CVE-2024-24479Feb 21, 2024risk 0.00cvss —epss 0.01
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
- CVE-2024-24476Feb 21, 2024risk 0.00cvss —epss 0.01
A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
- CVE-2024-24478Feb 21, 2024risk 0.00cvss —epss 0.01
An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other…
- CVE-2024-0211Jan 3, 2024risk 0.00cvss —epss 0.01
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
- CVE-2024-0210Jan 3, 2024risk 0.00cvss —epss 0.00
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
- CVE-2024-0209Jan 3, 2024risk 0.00cvss —epss 0.01
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
- CVE-2024-0208Jan 3, 2024risk 0.00cvss —epss 0.02
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
- CVE-2024-0207Jan 3, 2024risk 0.00cvss —epss 0.00
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
- CVE-2023-6174Nov 16, 2023risk 0.00cvss —epss 0.01
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
- CVE-2023-5371Oct 4, 2023risk 0.00cvss —epss 0.00
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file
Page 7 of 15