Filtered by vendor Wireshark
Subscribe
Total
649 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-39925 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-39920 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-39921 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-4181 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-4190 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-4182 | 3 Fedoraproject, Oracle, Wireshark | 4 Fedora, Http Server, Zfs Storage Appliance Kit and 1 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-39926 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-4184 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Http Server and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-22222 | 3 Debian, Oracle, Wireshark | 5 Debian Linux, Enterprise Manager Ops Center, Instantis Enterprisetrack and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-22235 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-22207 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Zfs Storage Appliance Kit and 1 more | 2024-02-04 | 5.0 MEDIUM | 6.5 MEDIUM |
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file | |||||
CVE-2020-26419 | 3 Fedoraproject, Oracle, Wireshark | 3 Fedora, Zfs Storage Appliance Kit, Wireshark | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. | |||||
CVE-2021-22191 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Zfs Storage Appliance, Wireshark | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | |||||
CVE-2020-25866 | 4 Fedoraproject, Opensuse, Oracle and 1 more | 4 Fedora, Leap, Zfs Storage Appliance Kit and 1 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs. | |||||
CVE-2020-25862 | 5 Debian, Fedoraproject, Opensuse and 2 more | 5 Debian Linux, Fedora, Leap and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum. | |||||
CVE-2020-26420 | 3 Fedoraproject, Oracle, Wireshark | 3 Fedora, Zfs Storage Appliance Kit, Wireshark | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | |||||
CVE-2020-25863 | 5 Debian, Fedoraproject, Opensuse and 2 more | 6 Debian Linux, Fedora, Leap and 3 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts. | |||||
CVE-2020-26421 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Zfs Storage Appliance Kit and 1 more | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | |||||
CVE-2020-26422 | 2 Oracle, Wireshark | 2 Zfs Storage Appliance Kit, Wireshark | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file | |||||
CVE-2020-26575 | 4 Debian, Fedoraproject, Oracle and 1 more | 5 Debian Linux, Fedora, Zfs Storage Appliance and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. |