Skip to main content
CVE-2016-4415 MEDIUM POC This Month

wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2015-8325 HIGH This Week

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SSH Privilege Escalation Debian Linux Openssh Ubuntu Core +2
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-4421 MEDIUM This Month

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2016-4417 MEDIUM This Month

Off-by-one error in epan/dissectors/packet-gsm_abis_oml.c in the GSM A-bis OML dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2016-4418 MEDIUM This Month

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2016-4419 MEDIUM This Month

epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x before 2.0.2 mishandles capability data, which allows remote attackers to cause a denial of service (large loop) via a crafted. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2016-4416 MEDIUM This Month

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2016-4420 MEDIUM This Month

The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
5.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy