PRIOn Logo

Search KB


Search our pre-analyzed vulnerability database

Total Results: 658

of 33

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Input validation

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

Published:   Updated:

Vulnerability Type: Input validation

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Heap overflow

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Published:   Updated:

Vulnerability Type: Heap overflow

Vendor(s):  Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark

Published:   Updated:

Vulnerability Type: Heap overflow

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Significant
Remediate Within one Month
CVSS v2N/ACVSS v37.5

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Fedoraproject, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Fedoraproject, Wireshark
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

of 33