Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wireshark
(Wireshark)Repositories | https://github.com/wireshark/wireshark |
#Vulnerabilities | 664 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-08-29 | CVE-2024-8250 | NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file | Wireshark | 5.5 | ||
2023-08-24 | CVE-2023-4511 | BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | Wireshark | 7.5 | ||
2023-08-24 | CVE-2023-4512 | CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file | Wireshark | 7.5 | ||
2023-08-24 | CVE-2023-4513 | BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | Wireshark | 7.5 | ||
2023-10-04 | CVE-2023-5371 | RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file | Wireshark | 6.5 | ||
2023-11-16 | CVE-2023-6174 | SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | Debian_linux, Wireshark | 6.5 | ||
2024-01-03 | CVE-2024-0208 | GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | Wireshark | 7.5 | ||
2009-02-16 | CVE-2009-0601 | Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. | Wireshark | N/A | ||
2006-10-28 | CVE-2006-4574 | Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | Wireshark | 7.5 | ||
2024-01-03 | CVE-2024-0209 | IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | Wireshark | 7.5 |