Wireshark

wireshark

736 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wireshark

wireshark

736 CVEs

CVEs (736)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-17997 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 30, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.
CVE-2017-17935 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 27, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application cra...Show more The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.Show less
CVE-2017-17085 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
CVE-2017-17084 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
CVE-2017-17083 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Dec 1, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
CVE-2017-15193 1Wireshark 1Wireshark May 13, 2026 Oct 10, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
CVE-2017-15192 1Wireshark 1Wireshark May 13, 2026 Oct 10, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation...Show more In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.Show less
CVE-2017-15191 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Oct 10, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
CVE-2017-15190 1Wireshark 1Wireshark May 13, 2026 Oct 10, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.
CVE-2017-15189 1Wireshark 1Wireshark May 13, 2026 Oct 10, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements.
CVE-2017-13767 1Wireshark 1Wireshark May 13, 2026 Aug 30, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
CVE-2017-13766 1Wireshark 1Wireshark May 13, 2026 Aug 30, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
CVE-2017-13765 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Aug 30, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.
CVE-2017-13764 1Wireshark 1Wireshark May 13, 2026 Aug 30, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
CVE-2017-11411 1Wireshark 1Wireshark May 13, 2026 Jul 18, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulner...Show more In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350.Show less
CVE-2017-11410 1Wireshark 1Wireshark May 13, 2026 Jul 18, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by...Show more In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.Show less
CVE-2017-11409 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Jul 18, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.
CVE-2017-11408 1Wireshark 1Wireshark May 13, 2026 Jul 18, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.
CVE-2017-11407 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Jul 18, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.
CVE-2017-11406 2Debian Wireshark 2Debian Linux Wireshark May 13, 2026 Jul 18, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values.

Previous 1...131415...37 Next