Filtered by vendor Wireshark
Subscribe
Total
679 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5353 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-5358 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-5350 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 7.5 HIGH |
| epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2016-5354 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-5355 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||||
| CVE-2016-5356 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||||
| CVE-2016-5359 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted packet. | |||||
| CVE-2016-5351 | 1 Wireshark | 1 Wireshark | 2016-11-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-4420 | 1 Wireshark | 1 Wireshark | 2016-05-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2016-4419 | 1 Wireshark | 1 Wireshark | 2016-05-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x before 2.0.2 mishandles capability data, which allows remote attackers to cause a denial of service (large loop) via a crafted packet. | |||||
| CVE-2016-4416 | 1 Wireshark | 1 Wireshark | 2016-05-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. | |||||
| CVE-2016-4415 | 1 Wireshark | 1 Wireshark | 2016-05-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted file. | |||||
| CVE-2014-2282 | 1 Wireshark | 1 Wireshark | 2016-04-04 | 4.3 MEDIUM | N/A |
| The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet. | |||||
| CVE-2014-2281 | 1 Wireshark | 1 Wireshark | 2015-08-12 | 4.3 MEDIUM | N/A |
| The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet. | |||||
| CVE-2014-4174 | 1 Wireshark | 1 Wireshark | 2014-06-19 | 9.3 HIGH | N/A |
| wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet. | |||||
| CVE-2013-7114 | 1 Wireshark | 1 Wireshark | 2014-04-19 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet. | |||||
| CVE-2013-7112 | 1 Wireshark | 1 Wireshark | 2014-04-19 | 5.0 MEDIUM | N/A |
| The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2013-7113 | 1 Wireshark | 1 Wireshark | 2014-01-17 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2012-2394 | 1 Wireshark | 1 Wireshark | 2012-11-06 | 3.3 LOW | N/A |
| Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet. | |||||