Skip to main content

Wireshark

564 CVEs product

Monthly

CVE-2026-15168 LOW PATCH Monitor

Information disclosure in Wireshark's BLF file parser affects versions 4.6.0-4.6.6 and 4.4.0-4.4.16, stemming from use of an uninitialized variable (CWE-457) that may expose portions of process memory when parsing a crafted BLF file. Exploitation is constrained by a local attack vector, high attack complexity, and mandatory user interaction - a victim must actively open a malicious file. With a CVSS score of 2.5, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-priority finding with a narrow, socially-engineered attack surface.

Information Disclosure Wireshark
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2026-15174 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 is caused by a heap-based buffer overflow in the Catapult DCT2000 protocol dissector, crashing the application when a crafted capture file is opened. The CVSS local attack vector (AV:L) and required user interaction (UI:R) constrain exploitation to scenarios where an analyst is socially engineered into opening a malicious capture file - no remote or unauthenticated network exploitation path exists. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; vendor-released fixes are available in 4.6.7 and 4.4.17.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15173 MEDIUM PATCH This Month

The pcapng file parser in Wireshark 4.6.0 through 4.6.6 contains a heap-based buffer overflow (CWE-122) that crashes the application, resulting in denial of service. An attacker must convince a user to open a specially crafted pcapng capture file, making this a social-engineering-dependent attack with no network-facing exploitation path. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV; a vendor patch is available in Wireshark 4.6.7.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15172 MEDIUM PATCH This Month

The FMP/NOTIFY protocol dissector in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 crashes when processing malformed packet data, resulting in a denial of service against the application. Exploitation requires a victim to open a crafted packet capture file or analyze injected traffic, making this a social-engineering-dependent vector rather than a remotely triggerable flaw. A vendor-released patch is available in versions 4.6.7 and 4.4.17; no public exploit or CISA KEV listing has been identified at time of analysis.

Denial Of Service Wireshark
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15171 MEDIUM PATCH This Month

Wireshark's SSH protocol dissector crashes via a null pointer dereference (CWE-476) in versions 4.4.0-4.4.16 and 4.6.0-4.6.6, enabling denial of service against any analyst or engineer running an affected build. The flaw is triggered locally when Wireshark processes malformed SSH protocol data, whether from a live capture or a crafted packet capture file, causing the application to crash and disrupting network analysis workflows. No active exploitation has been confirmed in CISA KEV, and no public exploit code is known at time of analysis.

Denial Of Service Null Pointer Dereference Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15170 MEDIUM PATCH This Month

Heap-based buffer overflow in Wireshark's Z39.50 protocol dissector crashes the application when processing malformed Z39.50 PDUs, resulting in denial of service. Affected versions span the 4.4.x branch (4.4.0-4.4.16) and 4.6.x branch (4.6.0-4.6.6). An attacker can trigger the crash by persuading an analyst to open a crafted packet capture file or by injecting malicious Z39.50 traffic onto a monitored network segment; no active exploitation (CISA KEV) or public exploit code has been identified at time of analysis.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15169 HIGH PATCH This Week

Denial of service in Wireshark's UMTS FP protocol dissector affects the 4.6.0-4.6.6 and 4.4.0-4.4.16 release branches, where a malformed UMTS Frame Protocol packet triggers a heap-based buffer overflow (CWE-122) that crashes the application. A remote attacker who can get the crafted frame parsed - via live capture on a monitored segment or a shared capture file - can reliably terminate the analyzer, with no confidentiality or integrity impact. Publicly available exploit code exists (SSVC=poc) but it is not on CISA KEV, and EPSS is low at 0.14% (4th percentile), indicating minimal observed exploitation pressure.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-15167 MEDIUM PATCH This Month

Denial of service in Wireshark's DBS Etherwatch dissector affects release branches 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a malformed capture file or crafted packet can crash the application. The flaw is a stack-based buffer overflow (CWE-121) that manifests only as an availability impact - no confidentiality or integrity loss and no confirmed code execution - carrying a 7.5 (High) CVSS. No public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Buffer Overflow Denial Of Service Stack Overflow Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2026-15166 MEDIUM PATCH This Month

Stack-based buffer overflow in Wireshark's IEEE 802.11 (Wi-Fi) protocol dissector crashes the application, resulting in denial of service across versions 4.6.0-4.6.6 and 4.4.0-4.4.16. An attacker with the ability to deliver a malicious packet capture file, or inject crafted 802.11 frames into a live capture session, can crash the Wireshark process on a victim analyst's machine. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; vendor-released patches (4.6.7 and 4.4.17) are available.

Buffer Overflow Denial Of Service Stack Overflow Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15165 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0 through 4.6.6 lets a remote attacker crash the application by feeding it a malformed TLS packet using the Encrypted Client Hello (ECH) extension, triggering a heap buffer overflow in the ECH decryptor. No authentication or user interaction beyond processing the traffic is required, though impact is limited to availability (analyzer crash) with no code execution or data disclosure claimed. Publicly available exploit code exists per SSVC (POC), EPSS is low at 0.14% (4th percentile), and it is not listed in CISA KEV.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15164 MEDIUM PATCH This Month

Denial of service in Wireshark's ciscodump remote capture utility (extcap) affects versions 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a heap-based buffer overflow (CWE-122) can crash the capture tool. An attacker able to feed crafted data to a running ciscodump session can terminate the process, disrupting live packet capture. A POC is referenced by CISA's SSVC assessment (no public exploit code independently identified), it is not in CISA KEV, and EPSS is very low at 0.10% (1st percentile), indicating minimal likelihood of widespread exploitation.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-15163 HIGH PATCH This Week

Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 lets a remote attacker crash or hang the application by feeding it crafted packets that trigger infinite loops in multiple protocol dissectors. No public exploit is identified at time of analysis, and the flaw is limited to availability - no code execution or data exposure. Real-world urgency is modest: EPSS sits at 0.12% and CISA SSVC rates exploitation as 'none' with only partial technical impact.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-5403 HIGH PATCH This Week

Heap buffer overflow in Wireshark's SBC codec handler enables local code execution when processing malicious capture files. Affects Wireshark versions 4.4.0-4.4.14 and 4.6.0-4.6.4. The vulnerability requires user interaction (opening a crafted packet capture file) but no authentication, posing significant risk to network analysts who routinely process captures from untrusted sources. Wireshark Foundation has published security advisory WNPA-sec-2026-16 with remediation details. EPSS probability data not available; no evidence of active exploitation (not in CISA KEV) or public proof-of-concept at time of analysis.

RCE Denial Of Service Buffer Overflow Heap Overflow Wireshark
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-5656 HIGH PATCH This Week

Path traversal via profile import in Wireshark lets a malicious configuration profile archive write files outside the intended profile directory, causing denial of service and potentially arbitrary code execution when a user imports it. Affected builds are Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14, with the flaw triggered by user interaction (importing a crafted profile) rather than network traffic. EPSS is very low (0.01%) and there is no public exploit identified at time of analysis; a vendor patch is available.

Path Traversal Denial Of Service RCE Wireshark
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-5405 HIGH PATCH This Week

Heap-based buffer overflow in Wireshark's RDP protocol dissector allows local attackers to cause denial of service or execute arbitrary code via maliciously crafted capture files. Affects Wireshark versions 4.6.0-4.6.4 and 4.4.0-4.4.14. The vulnerability requires user interaction (opening a malicious .pcap file) but no authentication, making it effective for social engineering attacks against network analysts. No active exploitation confirmed in CISA KEV, but proof-of-concept details available via GitLab issue tracker. EPSS data not available for risk prioritization.

RCE Denial Of Service Buffer Overflow Heap Overflow Wireshark
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-5402 HIGH PATCH This Week

Heap overflow in Wireshark 4.6.0 through 4.6.4 TLS protocol dissector enables remote code execution when a user opens a malicious capture file or inspects crafted network traffic. The vulnerability requires user interaction (UI:R) but no authentication, making it exploitable via social engineering. No public exploit code identified at time of analysis, though the technical details are disclosed in vendor advisory wnpa-sec-2026-14 and tracked in GitLab issue #21090. CVSS 8.8 reflects the combination of network vector, low complexity, and potential for complete system compromise despite the user interaction requirement.

Denial Of Service Buffer Overflow RCE Heap Overflow Wireshark
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-7376 MEDIUM PATCH This Month

Null pointer dereference in Wireshark sharkd 4.4.0-4.4.14 and 4.6.0-4.6.4 causes denial of service when processing crafted input, crashing the daemon. Local attackers with low privileges can trigger the crash via user interaction, rendering the packet analysis service unavailable. No authentication required, and publicly available exploit code does not appear to exist at time of analysis.

Null Pointer Dereference Denial Of Service Wireshark
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-3203 MEDIUM PATCH This Month

Wireshark versions 4.4.0-4.4.13 and 4.6.0-4.6.3 crash when processing malformed RF4CE Profile protocol packets, enabling local denial of service attacks through user interaction. An attacker can trigger an out-of-bounds read by supplying a specially crafted packet file to a target user, causing the application to become unavailable. No patch is currently available for this vulnerability.

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-3202 MEDIUM PATCH This Month

NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service [CVSS 4.7 MEDIUM]

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-3201 MEDIUM POC PATCH This Month

Wireshark 4.6.0-4.6.3 and 4.4.0-4.4.13 can be crashed through memory exhaustion in the USB HID protocol dissector when processing malformed packets. A local attacker with the ability to trigger packet analysis can cause a denial of service condition, and public exploit code exists for this vulnerability. No patch is currently available.

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-0962 MEDIUM POC PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.2 and 4.4.0-4.4.12 can be triggered through a malformed SOME/IP-SD protocol packet, causing the application to crash. Public exploit code exists for this vulnerability, and affected users should avoid opening untrusted packet captures until a patch is available.

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-0961 MEDIUM POC PATCH This Month

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service [CVSS 5.5 MEDIUM]

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0960 MEDIUM POC PATCH This Month

HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service [CVSS 4.7 MEDIUM]

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-0959 MEDIUM PATCH This Month

Wireshark versions 4.4.0-4.4.12 and 4.6.0-4.6.2 crash when processing malformed IEEE 802.11 wireless packets, enabling a remote denial of service attack that requires user interaction to view the malicious traffic. An attacker can exploit this out-of-bounds write vulnerability by crafting a specially formatted packet, causing the application to become unavailable without requiring authentication. No patch is currently available for this issue.

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-13946 MEDIUM POC PATCH This Month

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

Denial Of Service Ubuntu Debian Wireshark Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-13945 MEDIUM POC PATCH This Month

HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service

Denial Of Service Ubuntu Debian Wireshark Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-13674 MEDIUM PATCH This Month

BPv7 dissector crash in Wireshark 4.6.0 allows denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Wireshark Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-13499 HIGH PATCH This Month

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-9817 HIGH PATCH This Month

SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Wireshark Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-5601 HIGH POC PATCH This Week

A denial of service vulnerability in Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 (CVSS 7.8) that allows denial of service. Risk factors: public PoC available.

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-1492 HIGH PATCH This Week

Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-11596 MEDIUM POC This Month

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-11595 MEDIUM This Month

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-9781 HIGH PATCH This Week

AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-9780 MEDIUM POC This Month

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-8645 MEDIUM This Month

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-8250 MEDIUM POC This Month

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-24479 HIGH PATCH This Week

A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Wireshark Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-24476 HIGH PATCH This Week

A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Fedora Wireshark
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2024-24478 HIGH PATCH This Week

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-0211 HIGH POC This Month

DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-0210 HIGH POC This Month

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-0209 HIGH POC This Month

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Wireshark
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-0208 HIGH POC This Month

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-0207 HIGH POC This Month

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service Wireshark
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-6174 MEDIUM This Month

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-5371 MEDIUM POC This Month

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-2906 MEDIUM POC This Month

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2023-4513 HIGH POC This Week

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-4512 HIGH POC This Week

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-4511 HIGH PATCH This Week

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-3649 MEDIUM This Month

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-3648 MEDIUM This Month

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-0668 MEDIUM POC This Month

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Information Disclosure Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2023-0667 MEDIUM POC This Month

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow Wireshark
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-0666 MEDIUM POC This Month

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2023-2952 MEDIUM POC This Month

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-2879 HIGH POC This Week

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-2858 MEDIUM POC This Month

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Citrix Wireshark +1
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2023-2857 MEDIUM POC This Month

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-2856 MEDIUM POC This Month

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2023-2855 MEDIUM POC This Month

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2023-2854 MEDIUM POC This Month

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-1994 MEDIUM POC This Month

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-1993 MEDIUM POC This Month

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
4.1%
CVE-2023-1992 HIGH POC This Week

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
4.6%
CVE-2023-1161 HIGH This Week

ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2023-0417 MEDIUM PATCH This Month

Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-0416 MEDIUM PATCH This Month

GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-0415 MEDIUM PATCH This Month

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-0414 MEDIUM PATCH This Month

Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-0413 MEDIUM PATCH This Month

Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-0412 HIGH PATCH This Week

TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2023-0411 MEDIUM PATCH This Month

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-3724 HIGH This Week

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2022-3725 HIGH POC This Week

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Wireshark Fedora
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-3190 MEDIUM POC This Month

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2022-0585 MEDIUM POC This Month

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2021-4190 HIGH POC This Week

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2021-4186 HIGH POC This Week

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Fedora
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-4185 HIGH POC This Week

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux Http Server +1
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-4184 HIGH POC This Week

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux Http Server +1
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-4183 MEDIUM POC PATCH This Month

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Wireshark Fedora +2
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2021-4182 HIGH POC PATCH This Week

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Wireshark Fedora Http Server Zfs Storage Appliance Kit
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2021-4181 HIGH POC This Week

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Wireshark Fedora +3
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2021-39929 HIGH POC This Week

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.6%
CVE-2021-39926 HIGH POC This Week

Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
7.5%
CVE-2021-39925 HIGH POC This Week

Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
7.9%
CVE-2021-39924 HIGH POC This Week

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux
NVD
CVSS 3.1
7.5
EPSS
4.9%
CVE-2021-39923 HIGH PATCH This Week

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.1
7.5
EPSS
1.5%
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Information disclosure in Wireshark's BLF file parser affects versions 4.6.0-4.6.6 and 4.4.0-4.4.16, stemming from use of an uninitialized variable (CWE-457) that may expose portions of process memory when parsing a crafted BLF file. Exploitation is constrained by a local attack vector, high attack complexity, and mandatory user interaction - a victim must actively open a malicious file. With a CVSS score of 2.5, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-priority finding with a narrow, socially-engineered attack surface.

Information Disclosure Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 is caused by a heap-based buffer overflow in the Catapult DCT2000 protocol dissector, crashing the application when a crafted capture file is opened. The CVSS local attack vector (AV:L) and required user interaction (UI:R) constrain exploitation to scenarios where an analyst is socially engineered into opening a malicious capture file - no remote or unauthenticated network exploitation path exists. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; vendor-released fixes are available in 4.6.7 and 4.4.17.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The pcapng file parser in Wireshark 4.6.0 through 4.6.6 contains a heap-based buffer overflow (CWE-122) that crashes the application, resulting in denial of service. An attacker must convince a user to open a specially crafted pcapng capture file, making this a social-engineering-dependent attack with no network-facing exploitation path. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV; a vendor patch is available in Wireshark 4.6.7.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The FMP/NOTIFY protocol dissector in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 crashes when processing malformed packet data, resulting in a denial of service against the application. Exploitation requires a victim to open a crafted packet capture file or analyze injected traffic, making this a social-engineering-dependent vector rather than a remotely triggerable flaw. A vendor-released patch is available in versions 4.6.7 and 4.4.17; no public exploit or CISA KEV listing has been identified at time of analysis.

Denial Of Service Wireshark
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Wireshark's SSH protocol dissector crashes via a null pointer dereference (CWE-476) in versions 4.4.0-4.4.16 and 4.6.0-4.6.6, enabling denial of service against any analyst or engineer running an affected build. The flaw is triggered locally when Wireshark processes malformed SSH protocol data, whether from a live capture or a crafted packet capture file, causing the application to crash and disrupting network analysis workflows. No active exploitation has been confirmed in CISA KEV, and no public exploit code is known at time of analysis.

Denial Of Service Null Pointer Dereference Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Heap-based buffer overflow in Wireshark's Z39.50 protocol dissector crashes the application when processing malformed Z39.50 PDUs, resulting in denial of service. Affected versions span the 4.4.x branch (4.4.0-4.4.16) and 4.6.x branch (4.6.0-4.6.6). An attacker can trigger the crash by persuading an analyst to open a crafted packet capture file or by injecting malicious Z39.50 traffic onto a monitored network segment; no active exploitation (CISA KEV) or public exploit code has been identified at time of analysis.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Wireshark's UMTS FP protocol dissector affects the 4.6.0-4.6.6 and 4.4.0-4.4.16 release branches, where a malformed UMTS Frame Protocol packet triggers a heap-based buffer overflow (CWE-122) that crashes the application. A remote attacker who can get the crafted frame parsed - via live capture on a monitored segment or a shared capture file - can reliably terminate the analyzer, with no confidentiality or integrity impact. Publicly available exploit code exists (SSVC=poc) but it is not on CISA KEV, and EPSS is low at 0.14% (4th percentile), indicating minimal observed exploitation pressure.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Denial of service in Wireshark's DBS Etherwatch dissector affects release branches 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a malformed capture file or crafted packet can crash the application. The flaw is a stack-based buffer overflow (CWE-121) that manifests only as an availability impact - no confidentiality or integrity loss and no confirmed code execution - carrying a 7.5 (High) CVSS. No public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Buffer Overflow Denial Of Service Stack Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Stack-based buffer overflow in Wireshark's IEEE 802.11 (Wi-Fi) protocol dissector crashes the application, resulting in denial of service across versions 4.6.0-4.6.6 and 4.4.0-4.4.16. An attacker with the ability to deliver a malicious packet capture file, or inject crafted 802.11 frames into a live capture session, can crash the Wireshark process on a victim analyst's machine. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; vendor-released patches (4.6.7 and 4.4.17) are available.

Buffer Overflow Denial Of Service Stack Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0 through 4.6.6 lets a remote attacker crash the application by feeding it a malformed TLS packet using the Encrypted Client Hello (ECH) extension, triggering a heap buffer overflow in the ECH decryptor. No authentication or user interaction beyond processing the traffic is required, though impact is limited to availability (analyzer crash) with no code execution or data disclosure claimed. Publicly available exploit code exists per SSVC (POC), EPSS is low at 0.14% (4th percentile), and it is not listed in CISA KEV.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Denial of service in Wireshark's ciscodump remote capture utility (extcap) affects versions 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a heap-based buffer overflow (CWE-122) can crash the capture tool. An attacker able to feed crafted data to a running ciscodump session can terminate the process, disrupting live packet capture. A POC is referenced by CISA's SSVC assessment (no public exploit code independently identified), it is not in CISA KEV, and EPSS is very low at 0.10% (1st percentile), indicating minimal likelihood of widespread exploitation.

Heap Overflow Denial Of Service Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 lets a remote attacker crash or hang the application by feeding it crafted packets that trigger infinite loops in multiple protocol dissectors. No public exploit is identified at time of analysis, and the flaw is limited to availability - no code execution or data exposure. Real-world urgency is modest: EPSS sits at 0.12% and CISA SSVC rates exploitation as 'none' with only partial technical impact.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap buffer overflow in Wireshark's SBC codec handler enables local code execution when processing malicious capture files. Affects Wireshark versions 4.4.0-4.4.14 and 4.6.0-4.6.4. The vulnerability requires user interaction (opening a crafted packet capture file) but no authentication, posing significant risk to network analysts who routinely process captures from untrusted sources. Wireshark Foundation has published security advisory WNPA-sec-2026-16 with remediation details. EPSS probability data not available; no evidence of active exploitation (not in CISA KEV) or public proof-of-concept at time of analysis.

RCE Denial Of Service Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Path traversal via profile import in Wireshark lets a malicious configuration profile archive write files outside the intended profile directory, causing denial of service and potentially arbitrary code execution when a user imports it. Affected builds are Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14, with the flaw triggered by user interaction (importing a crafted profile) rather than network traffic. EPSS is very low (0.01%) and there is no public exploit identified at time of analysis; a vendor patch is available.

Path Traversal Denial Of Service RCE +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based buffer overflow in Wireshark's RDP protocol dissector allows local attackers to cause denial of service or execute arbitrary code via maliciously crafted capture files. Affects Wireshark versions 4.6.0-4.6.4 and 4.4.0-4.4.14. The vulnerability requires user interaction (opening a malicious .pcap file) but no authentication, making it effective for social engineering attacks against network analysts. No active exploitation confirmed in CISA KEV, but proof-of-concept details available via GitLab issue tracker. EPSS data not available for risk prioritization.

RCE Denial Of Service Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap overflow in Wireshark 4.6.0 through 4.6.4 TLS protocol dissector enables remote code execution when a user opens a malicious capture file or inspects crafted network traffic. The vulnerability requires user interaction (UI:R) but no authentication, making it exploitable via social engineering. No public exploit code identified at time of analysis, though the technical details are disclosed in vendor advisory wnpa-sec-2026-14 and tracked in GitLab issue #21090. CVSS 8.8 reflects the combination of network vector, low complexity, and potential for complete system compromise despite the user interaction requirement.

Denial Of Service Buffer Overflow RCE +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Null pointer dereference in Wireshark sharkd 4.4.0-4.4.14 and 4.6.0-4.6.4 causes denial of service when processing crafted input, crashing the daemon. Local attackers with low privileges can trigger the crash via user interaction, rendering the packet analysis service unavailable. No authentication required, and publicly available exploit code does not appear to exist at time of analysis.

Null Pointer Dereference Denial Of Service Wireshark
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Wireshark versions 4.4.0-4.4.13 and 4.6.0-4.6.3 crash when processing malformed RF4CE Profile protocol packets, enabling local denial of service attacks through user interaction. An attacker can trigger an out-of-bounds read by supplying a specially crafted packet file to a target user, causing the application to become unavailable. No patch is currently available for this vulnerability.

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service [CVSS 4.7 MEDIUM]

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

Wireshark 4.6.0-4.6.3 and 4.4.0-4.4.13 can be crashed through memory exhaustion in the USB HID protocol dissector when processing malformed packets. A local attacker with the ability to trigger packet analysis can cause a denial of service condition, and public exploit code exists for this vulnerability. No patch is currently available.

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.2 and 4.4.0-4.4.12 can be triggered through a malformed SOME/IP-SD protocol packet, causing the application to crash. Public exploit code exists for this vulnerability, and affected users should avoid opening untrusted packet captures until a patch is available.

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service [CVSS 5.5 MEDIUM]

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service [CVSS 4.7 MEDIUM]

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Wireshark versions 4.4.0-4.4.12 and 4.6.0-4.6.2 crash when processing malformed IEEE 802.11 wireless packets, enabling a remote denial of service attack that requires user interaction to view the malicious traffic. An attacker can exploit this out-of-bounds write vulnerability by crafting a specially formatted packet, causing the application to become unavailable without requiring authentication. No patch is currently available for this issue.

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

Denial Of Service Ubuntu Debian +3
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service

Denial Of Service Ubuntu Debian +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

BPv7 dissector crash in Wireshark 4.6.0 allows denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Wireshark +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Wireshark +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Wireshark +2
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

A denial of service vulnerability in Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 (CVSS 7.8) that allows denial of service. Risk factors: public PoC available.

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Red Hat +1
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service Wireshark +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Fedora +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Month

DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.8
HIGH POC This Month

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.8
HIGH POC This Month

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Wireshark
NVD
EPSS 0% CVSS 7.8
HIGH POC This Month

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.8
HIGH POC This Month

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 3% CVSS 6.5
MEDIUM POC This Month

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Information Disclosure +2
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +3
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +2
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +2
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +2
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +2
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 4% CVSS 6.5
MEDIUM POC This Month

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 5% CVSS 7.5
HIGH POC This Week

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 1% CVSS 7.1
HIGH This Week

ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Wireshark
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow +2
NVD
EPSS 2% CVSS 5.5
MEDIUM POC This Month

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora +1
NVD
EPSS 3% CVSS 7.5
HIGH POC This Week

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark +1
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora +3
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora +3
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure +4
NVD
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Wireshark Fedora +2
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +5
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora +1
NVD
EPSS 8% CVSS 7.5
HIGH POC This Week

Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark +2
NVD
EPSS 8% CVSS 7.5
HIGH POC This Week

Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark +2
NVD
EPSS 5% CVSS 7.5
HIGH POC This Week

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux
NVD
Page 1 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy