Wireshark

wireshark

736 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wireshark

wireshark

736 CVEs

CVEs (736)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-26421 4Debian FedoraprojectOracle+1 more 4Debian Linux FedoraWireshark+1 more Nov 21, 2024 Dec 11, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-26420 3Fedoraproject OracleWireshark 3Fedora WiresharkZfs Storage Appliance Kit Nov 21, 2024 Dec 11, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-26419 3Fedoraproject OracleWireshark 3Fedora WiresharkZfs Storage Appliance Kit Nov 21, 2024 Dec 11, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
CVE-2020-26418 4Debian FedoraprojectOracle+1 more 4Debian Linux FedoraWireshark+1 more Nov 21, 2024 Dec 11, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-28030 3Debian FedoraprojectWireshark 3Debian Linux FedoraWireshark Nov 21, 2024 Nov 2, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
CVE-2020-26575 4Debian FedoraprojectOracle+1 more 4Debian Linux FedoraWireshark+1 more Nov 21, 2024 Oct 6, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
CVE-2020-25866 4Fedoraproject OpensuseOracle+1 more 4Fedora LeapWireshark+1 more Nov 21, 2024 Oct 6, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/pac...Show more In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.Show less
CVE-2020-25863 5Debian FedoraprojectOpensuse+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Oct 6, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
CVE-2020-25862 5Debian FedoraprojectOpensuse+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Oct 6, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
CVE-2020-17498 4Fedoraproject OpensuseOracle+1 more 4Fedora LeapWireshark+1 more Nov 21, 2024 Aug 13, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
CVE-2020-15466 3Debian OpensuseWireshark 3Debian Linux LeapWireshark Nov 21, 2024 Jul 5, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
CVE-2020-13164 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 21, 2024 May 19, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory...Show more In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.Show less
CVE-2020-11647 3Debian OpensuseWireshark 3Debian Linux LeapWireshark Nov 21, 2024 Apr 10, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
CVE-2020-9431 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 21, 2024 Feb 27, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
CVE-2020-9430 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 21, 2024 Feb 27, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.
CVE-2020-9429 2Opensuse Wireshark 2Leap Wireshark Nov 21, 2024 Feb 27, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.
CVE-2020-9428 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 21, 2024 Feb 27, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
CVE-2020-7045 2Debian Wireshark 2Debian Linux Wireshark Nov 21, 2024 Jan 16, 2020 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.
CVE-2020-7044 4Fedoraproject OpensuseOracle+1 more 5Fedora LeapSolaris+2 more Nov 21, 2024 Jan 16, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.
CVE-2019-19553 4Debian OpensuseOracle+1 more 5Debian Linux LeapSolaris+2 more Nov 21, 2024 Dec 5, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInf...Show more In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.Show less

Previous 1...789...37 Next