Wireshark

wireshark

736 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wireshark

wireshark

736 CVEs

CVEs (736)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-6243 2Oracle Wireshark 3Linux SolarisWireshark May 6, 2026 Aug 24, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a craf...Show more The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.Show less
CVE-2015-6242 2Oracle Wireshark 2Solaris Wireshark May 6, 2026 Aug 24, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple reall...Show more The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.Show less
CVE-2015-6241 2Oracle Wireshark 2Solaris Wireshark May 6, 2026 Aug 24, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string...Show more The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.Show less
CVE-2015-4652 2Debian Wireshark 2Debian Linux Wireshark May 6, 2026 Jul 22, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash)...Show more epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.Show less
CVE-2015-4651 3Debian OracleWireshark 3Debian Linux SolarisWireshark May 6, 2026 Jul 22, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP addre...Show more The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.Show less
CVE-2015-3906 1Wireshark 1Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The logcat_dump_text function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers to cause a denial of...Show more The logcat_dump_text function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted message in a packet, a different vulnerability than CVE-2015-3815.Show less
CVE-2015-3815 1Wireshark 1Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (ou...Show more The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906.Show less
CVE-2015-3814 2Oracle Wireshark 2Solaris Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as...Show more The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.Show less
CVE-2015-3813 1Wireshark 1Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, w...Show more The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.Show less
CVE-2015-3812 2Oracle Wireshark 3Linux SolarisWireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 7.8 HIGH· v2 Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service...Show more Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.Show less
CVE-2015-3811 2Oracle Wireshark 3Linux SolarisWireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (a...Show more epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.Show less
CVE-2015-3810 1Wireshark 1Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 7.8 HIGH· v2 epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packe...Show more epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet.Show less
CVE-2015-3809 1Wireshark 1Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 7.8 HIGH· v2 The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of servi...Show more The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.Show less
CVE-2015-3808 1Wireshark 1Wireshark May 6, 2026 May 26, 2015 N/A· v4 N/A· v3 7.8 HIGH· v2 The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite...Show more The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.Show less
CVE-2015-2192 2Opensuse Wireshark 2Opensuse Wireshark May 6, 2026 Mar 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infini...Show more Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.Show less
CVE-2015-2191 4Debian MageiaOpensuse+1 more 4Debian Linux MageiaOpensuse+1 more May 6, 2026 Mar 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infin...Show more Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.Show less
CVE-2015-2190 3Opensuse OracleWireshark 3Opensuse SolarisWireshark May 6, 2026 Mar 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit)...Show more epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.Show less
CVE-2015-2189 5Debian MageiaOpensuse+2 more 6Debian Linux LinuxMageia+3 more May 6, 2026 Mar 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds r...Show more Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.Show less
CVE-2015-2188 5Debian MageiaOpensuse+2 more 6Debian Linux LinuxMageia+3 more May 6, 2026 Mar 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out...Show more epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.Show less
CVE-2015-2187 2Opensuse Wireshark 2Opensuse Wireshark May 6, 2026 Mar 8, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remot...Show more The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet.Show less

Previous 1...212223...37 Next