Product:

Wireshark

(Wireshark)
Repositories https://github.com/wireshark/wireshark
#Vulnerabilities 663
Date Id Summary Products Score Patch Annotated
2006-10-28 CVE-2006-4574 Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. Wireshark 7.5
2023-10-04 CVE-2023-5371 RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file Wireshark 6.5
2023-11-16 CVE-2023-6174 SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file Debian_linux, Wireshark 6.5
2024-01-03 CVE-2024-0208 GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file Wireshark 7.5
2024-01-03 CVE-2024-0209 IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file Wireshark 7.5
2024-01-03 CVE-2024-0210 Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file Wireshark 7.5
2024-01-03 CVE-2024-0211 DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file Wireshark 7.5
2024-01-03 CVE-2024-0207 HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file Wireshark 7.5
2011-03-03 CVE-2011-1142 Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. Wireshark N/A
2007-12-19 CVE-2007-6439 Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. Wireshark N/A