Total
692 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4934 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
|
|||||
| CVE-2013-1574 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 2.9 LOW | N/A |
|
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
|
|||||
| CVE-2013-4083 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||
| CVE-2012-4288 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2025-04-11 | 3.3 LOW | N/A |
|
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.
|
|||||
| CVE-2013-1588 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 2.9 LOW | N/A |
|
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2012-0067 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.
|
|||||
| CVE-2011-1958 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.
|
|||||
| CVE-2013-4936 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
|
|||||
| CVE-2011-1959 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
|
|||||
| CVE-2012-6059 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2013-4924 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
|
|||||
| CVE-2010-4538 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
|
|||||
| CVE-2011-1142 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | 7.5 HIGH |
|
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values.
|
|||||
| CVE-2013-7114 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.
|
|||||
| CVE-2013-3560 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2013-5720 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||
| CVE-2011-3484 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet.
|
|||||
| CVE-2013-5718 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||
| CVE-2012-6056 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count.
|
|||||
| CVE-2013-5722 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||
| CVE-2013-3558 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2011-1139 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
|
|||||
| CVE-2012-4296 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2025-04-11 | 3.3 LOW | N/A |
|
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.
|
|||||
| CVE-2011-0024 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
|
|||||
| CVE-2012-2394 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 3.3 LOW | N/A |
|
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.
|
|||||
| CVE-2013-1590 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 2.9 LOW | N/A |
|
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2012-4290 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2025-04-11 | 3.3 LOW | N/A |
|
The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.
|
|||||
| CVE-2012-6062 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
|
|||||
| CVE-2011-1141 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.
|
|||||
| CVE-2013-2476 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2025-04-11 | 6.1 MEDIUM | N/A |
|
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
|
|||||
| CVE-2010-2286 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 3.3 LOW | N/A |
|
The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
|
|||||
| CVE-2010-2284 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 8.3 HIGH | N/A |
|
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
|
|||||
| CVE-2011-2698 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.
|
|||||
| CVE-2011-0445 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
|
|||||
| CVE-2013-1572 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 2.9 LOW | N/A |
|
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
|
|||||
| CVE-2012-6055 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field.
|
|||||
| CVE-2011-1957 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
|
|||||
| CVE-2013-4927 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 7.8 HIGH | N/A |
|
Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
|
|||||
| CVE-2013-2482 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2025-04-11 | 6.1 MEDIUM | N/A |
|
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
|
|||||
| CVE-2013-4075 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
|
epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||