Filtered by vendor Wireshark
Subscriptions
Filtered by product Wireshark
Subscriptions
Total
692 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2528 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark 2.0.x before 2.0.2 does not validate length values, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | ||||
| CVE-2015-3810 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. | ||||
| CVE-2014-5163 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2015-8735 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (invalid write operation and application crash) via a crafted packet. | ||||
| CVE-2016-9372 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects. | ||||
| CVE-2015-8736 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file. | ||||
| CVE-2015-8737 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | ||||
| CVE-2016-4082 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Solaris, Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet. | ||||
| CVE-2015-8738 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet. | ||||
| CVE-2015-8717 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2015-8721 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression. | ||||
| CVE-2015-8730 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet. | ||||
| CVE-2015-8711 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. | ||||
| CVE-2016-6511 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet. | ||||
| CVE-2015-8742 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet. | ||||
| CVE-2015-8740 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. | ||||
| CVE-2015-8733 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. | ||||
| CVE-2016-6507 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | ||||
| CVE-2016-4085 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Solaris, Wireshark | 2025-04-12 | N/A |
| Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet. | ||||
| CVE-2016-4418 | 1 Wireshark | 1 Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set. | ||||