Vulnerabilities (CVE)

Filtered by vendor Wireshark Subscribe
Total 670 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-4291 4 Opensuse, Redhat, Sun and 1 more 4 Opensuse, Enterprise Linux, Sunos and 1 more 2025-04-11 3.3 LOW N/A
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
CVE-2013-4930 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
CVE-2011-1956 1 Wireshark 1 Wireshark 2025-04-11 4.3 MEDIUM N/A
The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic.
CVE-2013-2487 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2025-04-11 7.8 HIGH N/A
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.
CVE-2012-6055 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field.
CVE-2013-4931 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.
CVE-2013-4935 1 Wireshark 1 Wireshark 2025-04-11 4.3 MEDIUM N/A
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2013-4929 1 Wireshark 1 Wireshark 2025-04-11 7.8 HIGH N/A
The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.
CVE-2010-2285 1 Wireshark 1 Wireshark 2025-04-11 3.3 LOW N/A
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
CVE-2012-6059 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2011-3483 1 Wireshark 1 Wireshark 2025-04-11 4.3 MEDIUM N/A
Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."
CVE-2011-1141 1 Wireshark 1 Wireshark 2025-04-11 4.3 MEDIUM N/A
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
CVE-2013-4925 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet.
CVE-2012-6052 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files.
CVE-2012-0067 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 4.3 MEDIUM N/A
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.
CVE-2013-3561 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2025-04-11 7.8 HIGH N/A
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2013-4924 1 Wireshark 1 Wireshark 2025-04-11 5.0 MEDIUM N/A
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
CVE-2013-1589 1 Wireshark 1 Wireshark 2025-04-11 2.9 LOW N/A
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2010-2994 1 Wireshark 1 Wireshark 2025-04-11 10.0 HIGH N/A
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.
CVE-2012-4285 4 Opensuse, Redhat, Sun and 1 more 4 Opensuse, Enterprise Linux, Sunos and 1 more 2025-04-11 3.3 LOW N/A
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.