Releases3
Frequency1 day 18 minutes
Last Release
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
>= 4.4.0, < 4.4.16, >= 4.6.0, < 4.6.65.5 MEDIUM

ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service

>= 4.6.0, < 4.6.55.5 MEDIUM

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.57 HIGH

Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.57.8 HIGH

SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.57.8 HIGH

RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.54.7 MEDIUM

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.6.0, <= 4.6.45.5 MEDIUM

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service

>= 4.6.0, <= 4.6.45.5 MEDIUM

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.6.0, <= 4.6.45.5 MEDIUM

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.6.0, <= 4.6.45.5 MEDIUM

SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.6.0, <= 4.6.48.8 HIGH

TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution

>= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.45.5 MEDIUM

FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.55.5 MEDIUM

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.55.5 MEDIUM

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.55.5 MEDIUM

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.55.5 MEDIUM

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.55.5 MEDIUM

HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

>= 4.4.0, < 4.4.14, >= 4.6.0, < 4.6.45.5 MEDIUM

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

>= 4.4.0, < 4.4.14, >= 4.6.0, < 4.6.44.7 MEDIUM

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

>= 4.6.0, < 4.6.44.7 MEDIUM

NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service

>= 4.2.2, < 4.4.13, >= 4.6.0, < 4.6.35.3 MEDIUM

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

>= 4.4.0, < 4.4.13, >= 4.6.0, < 4.6.35.5 MEDIUM

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

>= 4.4.0, < 4.4.13, >= 4.6.0, < 4.6.35.3 MEDIUM

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

>= 4.4.0, < 4.4.13, >= 4.6.0, < 4.6.34.7 MEDIUM

HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service

>= 4.4.0, < 4.4.12, >= 4.6.0, < 4.6.25.5 MEDIUM

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

>= 4.6.0, < 4.6.25.5 MEDIUM

HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service

= 4.6.05.5 MEDIUM

BPv7 dissector crash in Wireshark 4.6.0 allows denial of service

>= 4.4.0, < 4.4.11, = 4.6.07.8 HIGH

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service

>= 4.2.0, < 4.2.14, >= 4.4.0, < 4.4.105.5 MEDIUM

MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service

= *, >= 4.4.0, <= 4.4.8, = 4.4.97.8 HIGH

SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service

>= 4.2.0, < 4.2.12, >= 4.4.0, < 4.4.77.8 HIGH

Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file

>= 4.2.0, <= 4.2.10, >= 4.4.0, <= 4.4.37.8 HIGH

Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file

>= 4.2.0, < 4.2.9, >= 4.4.0, < 4.4.27.8 HIGH

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

>= 4.2.0, < 4.2.9, >= 4.4.0, < 4.4.27.8 HIGH

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

= 4.4.0, >= 4.2.0, < 4.2.87.8 HIGH

AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file

= 4.4.07.8 HIGH

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file

>= 4.0.0, < 4.0.16, >= 4.2.0, < 4.2.65.5 MEDIUM

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file

>= 4.2.0, < 4.2.7, >= 4.0.0, < 4.0.177.8 HIGH

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

>= 3.6.0, < 3.6.23, >= 4.0.0, < 4.0.15, >= 4.2.0, < 4.2.53.6 LOW

Use after free issue in editcap could cause denial of service via crafted capture file

>= 3.6.0, < 3.6.23, >= 4.0.0, < 4.0.15, >= 4.2.0, < 4.2.53.6 LOW

Memory handling issue in editcap could cause denial of service via crafted capture file

>= 4.2.0, <= 4.2.4, >= 3.6.0, <= 3.6.22, >= 4.0.0, <= 4.0.146.4 MEDIUM

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file

>= 4.0.0, < 4.0.14, >= 4.2.0, < 4.2.47.8 HIGH

T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file

>= 4.0.0, <= 4.0.10, >= 3.6.0, <= 3.6.187.8 HIGH

NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file

< 4.2.07.5 HIGH

A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

< 4.2.07.5 HIGH

A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

< 4.2.07.5 HIGH

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

= 4.2.07.8 HIGH

DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

= 4.2.07.8 HIGH

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

= 4.2.07.8 HIGH

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

= 4.2.0, >= 3.6.0, <= 3.6.19, >= 4.0.0, <= 4.0.117.8 HIGH

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

= 4.2.0, >= 3.6.0, <= 3.6.19, >= 4.0.0, <= 4.0.117.8 HIGH

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

>= 4.0.0, <= 4.0.106.3 MEDIUM

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

>= 3.6.0, < 3.6.17, >= 4.0.0, < 4.0.95.3 MEDIUM

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file