wireshark
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| >= 4.4.0, < 4.4.16, >= 4.6.0, < 4.6.6 | 5.5 MEDIUM | — | ||
ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15 allows denial of service | ||||
| >= 4.6.0, < 4.6.5 | 5.5 MEDIUM | — | ||
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 7 HIGH | — | ||
Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 7.8 HIGH | — | ||
SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 7.8 HIGH | — | ||
RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 4.7 MEDIUM | — | ||
K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service | ||||
| >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.6.0, <= 4.6.4 | 8.8 HIGH | — | ||
TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution | ||||
| >= 4.4.0, <= 4.4.14, >= 4.6.0, <= 4.6.4 | 5.5 MEDIUM | — | ||
FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 5.5 MEDIUM | — | ||
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 5.5 MEDIUM | — | ||
Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 5.5 MEDIUM | — | ||
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 5.5 MEDIUM | — | ||
UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, < 4.4.15, >= 4.6.0, < 4.6.5 | 5.5 MEDIUM | — | ||
HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| >= 4.4.0, < 4.4.14, >= 4.6.0, < 4.6.4 | 5.5 MEDIUM | — | ||
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service | ||||
| >= 4.4.0, < 4.4.14, >= 4.6.0, < 4.6.4 | 4.7 MEDIUM | — | ||
USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service | ||||
| >= 4.6.0, < 4.6.4 | 4.7 MEDIUM | — | ||
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service | ||||
| >= 4.2.2, < 4.4.13, >= 4.6.0, < 4.6.3 | 5.3 MEDIUM | — | ||
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | ||||
| >= 4.4.0, < 4.4.13, >= 4.6.0, < 4.6.3 | 5.5 MEDIUM | — | ||
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | ||||
| >= 4.4.0, < 4.4.13, >= 4.6.0, < 4.6.3 | 5.3 MEDIUM | — | ||
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | ||||
| >= 4.4.0, < 4.4.13, >= 4.6.0, < 4.6.3 | 4.7 MEDIUM | — | ||
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service | ||||
| >= 4.4.0, < 4.4.12, >= 4.6.0, < 4.6.2 | 5.5 MEDIUM | — | ||
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service | ||||
| >= 4.6.0, < 4.6.2 | 5.5 MEDIUM | — | ||
HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service | ||||
| = 4.6.0 | 5.5 MEDIUM | — | ||
BPv7 dissector crash in Wireshark 4.6.0 allows denial of service | ||||
| >= 4.4.0, < 4.4.11, = 4.6.0 | 7.8 HIGH | — | ||
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service | ||||
| >= 4.2.0, < 4.2.14, >= 4.4.0, < 4.4.10 | 5.5 MEDIUM | — | ||
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service | ||||
| = *, >= 4.4.0, <= 4.4.8, = 4.4.9 | 7.8 HIGH | — | ||
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service | ||||
| >= 4.2.0, < 4.2.12, >= 4.4.0, < 4.4.7 | 7.8 HIGH | — | ||
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.2.0, <= 4.2.10, >= 4.4.0, <= 4.4.3 | 7.8 HIGH | — | ||
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.2.0, < 4.2.9, >= 4.4.0, < 4.4.2 | 7.8 HIGH | — | ||
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.2.0, < 4.2.9, >= 4.4.0, < 4.4.2 | 7.8 HIGH | — | ||
FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | ||||
| = 4.4.0, >= 4.2.0, < 4.2.8 | 7.8 HIGH | — | ||
AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file | ||||
| = 4.4.0 | 7.8 HIGH | — | ||
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.0.0, < 4.0.16, >= 4.2.0, < 4.2.6 | 5.5 MEDIUM | — | ||
SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.2.0, < 4.2.7, >= 4.0.0, < 4.0.17 | 7.8 HIGH | — | ||
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file | ||||
| >= 3.6.0, < 3.6.23, >= 4.0.0, < 4.0.15, >= 4.2.0, < 4.2.5 | 3.6 LOW | — | ||
Use after free issue in editcap could cause denial of service via crafted capture file | ||||
| >= 3.6.0, < 3.6.23, >= 4.0.0, < 4.0.15, >= 4.2.0, < 4.2.5 | 3.6 LOW | — | ||
Memory handling issue in editcap could cause denial of service via crafted capture file | ||||
| >= 4.2.0, <= 4.2.4, >= 3.6.0, <= 3.6.22, >= 4.0.0, <= 4.0.14 | 6.4 MEDIUM | — | ||
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file | ||||
| >= 4.0.0, < 4.0.14, >= 4.2.0, < 4.2.4 | 7.8 HIGH | — | ||
T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.0.0, <= 4.0.10, >= 3.6.0, <= 3.6.18 | 7.8 HIGH | — | ||
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file | ||||
| < 4.2.0 | 7.5 HIGH | — | ||
A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | ||||
| < 4.2.0 | 7.5 HIGH | — | ||
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | ||||
| < 4.2.0 | 7.5 HIGH | — | ||
An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | ||||
| = 4.2.0 | 7.8 HIGH | — | ||
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| = 4.2.0 | 7.8 HIGH | — | ||
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| = 4.2.0 | 7.8 HIGH | — | ||
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | ||||
| = 4.2.0, >= 3.6.0, <= 3.6.19, >= 4.0.0, <= 4.0.11 | 7.8 HIGH | — | ||
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | ||||
| = 4.2.0, >= 3.6.0, <= 3.6.19, >= 4.0.0, <= 4.0.11 | 7.8 HIGH | — | ||
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | ||||
| >= 4.0.0, <= 4.0.10 | 6.3 MEDIUM | — | ||
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | ||||
| >= 3.6.0, < 3.6.17, >= 4.0.0, < 4.0.9 | 5.3 MEDIUM | — | ||
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file | ||||