Monthly
Wireshark 4.6.0-4.6.3 and 4.4.0-4.4.13 can be crashed through memory exhaustion in the USB HID protocol dissector when processing malformed packets. A local attacker with the ability to trigger packet analysis can cause a denial of service condition, and public exploit code exists for this vulnerability. No patch is currently available.
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java.
HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Wireshark 4.6.0-4.6.3 and 4.4.0-4.4.13 can be crashed through memory exhaustion in the USB HID protocol dissector when processing malformed packets. A local attacker with the ability to trigger packet analysis can cause a denial of service condition, and public exploit code exists for this vulnerability. No patch is currently available.
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java.
HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.