Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wire vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-10894
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
Wireshark Wireshark 3.0.0
Wireshark Wireshark
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2019-12295
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.
Wireshark Wireshark
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Local Traffic Manager 15.1.0
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Policy Enforcement Manager 15.1.0
7.8
CVSSv2
CVE-2017-9345
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
Wireshark Wireshark
5
CVSSv2
CVE-2017-9348
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.
Wireshark Wireshark
7.8
CVSSv2
CVE-2017-9350
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.
Wireshark Wireshark
7.8
CVSSv2
CVE-2017-9352
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.
Wireshark Wireshark
5
CVSSv2
CVE-2020-15466
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
Wireshark Wireshark
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
5
CVSSv2
CVE-2020-11647
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
Wireshark Wireshark
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
4.3
CVSSv2
CVE-2016-7177
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x prior to 2.0.6 does not restrict the number of channels, which allows remote malicious users to cause a denial of service (buffer over-read and application crash) via a crafted packet.
Debian Debian Linux 8.0
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.5
4.3
CVSSv2
CVE-2016-7176
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x prior to 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote malicious users to cause a denial of service (copy overlap and application crash) via a crafted packet.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.5
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »