Skip to main content

Wireshark

564 CVEs product

Monthly

CVE-2013-4936 MEDIUM PATCH This Month

The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-4935 MEDIUM PATCH This Month

The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Wireshark
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2013-4934 MEDIUM PATCH This Month

The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2013-4933 MEDIUM PATCH This Month

The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2013-4932 MEDIUM PATCH This Month

Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2013-4931 MEDIUM PATCH This Month

epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2013-4930 MEDIUM PATCH This Month

The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-4929 HIGH PATCH This Week

The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
7.8
EPSS
1.8%
CVE-2013-4928 HIGH PATCH This Week

Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
7.8
EPSS
1.3%
CVE-2013-4927 HIGH PATCH This Week

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
7.8
EPSS
1.8%
CVE-2013-4926 MEDIUM PATCH This Month

epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-4925 MEDIUM PATCH This Month

Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-4924 MEDIUM PATCH This Month

epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-4923 MEDIUM PATCH This Month

Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-4922 MEDIUM PATCH This Month

Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-4921 MEDIUM PATCH This Month

Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-4920 MEDIUM PATCH This Month

The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-4083 MEDIUM PATCH This Month

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-4082 MEDIUM PATCH This Month

The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-4081 MEDIUM This Month

The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2013-4080 MEDIUM This Month

The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2013-4079 MEDIUM This Month

The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2013-4078 MEDIUM This Month

epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
1.9%
CVE-2013-4077 MEDIUM This Month

Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2013-4076 MEDIUM This Month

Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2013-4075 MEDIUM This Month

epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2013-4074 MEDIUM POC THREAT This Month

The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 32.5%.

Denial Of Service Wireshark Debian Linux Opensuse
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
32.5%
CVE-2013-3562 MEDIUM POC PATCH This Month

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
3.4%
CVE-2013-3561 HIGH PATCH This Week

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
7.8
EPSS
1.5%
CVE-2013-3560 MEDIUM POC PATCH This Month

The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
3.5%
CVE-2013-3559 MEDIUM POC PATCH This Month

epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
5.0%
CVE-2013-3558 MEDIUM This Month

The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
3.3%
CVE-2013-3557 MEDIUM POC PATCH This Month

The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
4.2%
CVE-2013-3556 MEDIUM This Month

The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2013-3555 MEDIUM POC PATCH This Month

epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
5.0
EPSS
3.4%
CVE-2013-2488 MEDIUM This Month

The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
3.6%
CVE-2013-2487 HIGH This Week

epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
7.8
EPSS
3.6%
CVE-2013-2486 MEDIUM This Month

The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
6.1
EPSS
1.6%
CVE-2013-2485 MEDIUM This Month

The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
6.1
EPSS
0.7%
CVE-2013-2484 LOW Monitor

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.4%
CVE-2013-2483 LOW Monitor

The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
3.3
EPSS
1.5%
CVE-2013-2482 MEDIUM This Month

The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
CVSS 2.0
6.1
EPSS
0.5%
CVE-2013-2481 LOW Monitor

Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark Debian Linux Opensuse
NVD
CVSS 2.0
2.9
EPSS
1.2%
CVE-2013-2480 LOW Monitor

The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.4%
CVE-2013-2479 LOW Monitor

The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
CVSS 2.0
3.3
EPSS
1.1%
CVE-2013-2478 LOW Monitor

The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.5%
CVE-2013-2477 LOW Monitor

The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark Opensuse
NVD
CVSS 2.0
3.3
EPSS
0.4%
CVE-2013-2476 MEDIUM This Month

The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
CVSS 2.0
6.1
EPSS
0.8%
CVE-2013-2475 LOW Monitor

The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
CVSS 2.0
3.3
EPSS
0.4%
CVE-2013-1590 LOW Monitor

Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 2.9). No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.3%
CVE-2013-1589 LOW PATCH Monitor

Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via. Rated low severity (CVSS 2.9).

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.3%
CVE-2013-1588 LOW Monitor

Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote. Rated low severity (CVSS 2.9). No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.5%
CVE-2013-1587 LOW Monitor

The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1586 LOW Monitor

The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector,. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.3%
CVE-2013-1585 LOW Monitor

epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.3%
CVE-2013-1584 LOW Monitor

The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer,. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1583 LOW Monitor

The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1582 LOW Monitor

The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.3%
CVE-2013-1581 LOW Monitor

The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps,. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1580 LOW Monitor

The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1579 LOW PATCH Monitor

The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for. Rated low severity (CVSS 2.9).

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1578 LOW Monitor

The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1577 LOW Monitor

The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1576 LOW Monitor

The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1575 LOW Monitor

The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1574 LOW Monitor

The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1573 LOW Monitor

The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2013-1572 LOW Monitor

The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2012-6062 MEDIUM POC This Month

The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2012-6061 MEDIUM POC This Month

The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6060 MEDIUM POC This Month

Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6059 MEDIUM POC This Month

The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6058 MEDIUM POC This Month

Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6057 MEDIUM PATCH This Month

The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6056 MEDIUM PATCH This Month

Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6055 MEDIUM POC This Month

epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6054 MEDIUM PATCH This Month

The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6053 MEDIUM PATCH This Month

epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-6052 MEDIUM This Month

Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-5240 MEDIUM This Month

Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
CVSS 2.0
5.8
EPSS
1.0%
CVE-2012-5238 LOW PATCH Monitor

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
3.3
EPSS
0.9%
CVE-2012-5237 LOW PATCH Monitor

The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.0%
CVE-2012-3548 MEDIUM POC This Month

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-4298 MEDIUM POC This Month

Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to. Rated medium severity (CVSS 5.4). Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sunos Wireshark
NVD
CVSS 2.0
5.4
EPSS
0.9%
CVE-2012-4297 HIGH PATCH This Week

Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity.

Buffer Overflow RCE Wireshark Sunos
NVD
CVSS 2.0
8.3
EPSS
8.5%
CVE-2012-4296 LOW POC Monitor

Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark Opensuse Sunos
NVD
CVSS 2.0
3.3
EPSS
1.5%
CVE-2012-4295 LOW POC Monitor

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Sunos
NVD
CVSS 2.0
3.3
EPSS
1.1%
CVE-2012-4294 MEDIUM POC This Month

Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Wireshark Sunos
NVD
CVSS 2.0
5.8
EPSS
3.4%
CVE-2012-4293 LOW PATCH Monitor

plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Opensuse Sunos Wireshark
NVD
CVSS 2.0
3.3
EPSS
1.0%
CVE-2012-4292 LOW POC PATCH Monitor

The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Wireshark Opensuse Sunos
NVD
CVSS 2.0
3.3
EPSS
1.1%
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 2% CVSS 5.0
MEDIUM PATCH This Month

The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Wireshark +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Opensuse +1
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Debian Linux +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Debian Linux +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 32% CVSS 5.0
MEDIUM POC THREAT This Month

The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 32.5%.

Denial Of Service Wireshark Debian Linux +1
NVD Exploit-DB
EPSS 3% CVSS 5.0
MEDIUM POC PATCH This Month

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 3% CVSS 5.0
MEDIUM POC PATCH This Month

The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 5% CVSS 5.0
MEDIUM POC PATCH This Month

epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Debian Linux +2
NVD
EPSS 3% CVSS 5.0
MEDIUM This Month

The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 4% CVSS 5.0
MEDIUM POC PATCH This Month

The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Wireshark +2
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 3% CVSS 5.0
MEDIUM POC PATCH This Month

epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 4% CVSS 5.0
MEDIUM This Month

The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 4% CVSS 7.8
HIGH This Week

epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 1% CVSS 3.3
LOW Monitor

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 1% CVSS 3.3
LOW Monitor

The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
EPSS 1% CVSS 2.9
LOW Monitor

Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark Debian Linux +1
NVD
EPSS 1% CVSS 3.3
LOW Monitor

The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 1% CVSS 3.3
LOW Monitor

The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
EPSS 1% CVSS 3.3
LOW Monitor

The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Opensuse +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Wireshark Opensuse
NVD
EPSS 0% CVSS 2.9
LOW Monitor

Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. Rated low severity (CVSS 2.9). No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW PATCH Monitor

Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via. Rated low severity (CVSS 2.9).

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 2.9
LOW Monitor

Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote. Rated low severity (CVSS 2.9). No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector,. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer,. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps,. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW PATCH Monitor

The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for. Rated low severity (CVSS 2.9).

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 2.9
LOW Monitor

The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not. Rated low severity (CVSS 2.9). No vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wireshark
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Wireshark
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Wireshark
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to. Rated medium severity (CVSS 5.4). Public exploit code available and no vendor patch available.

Buffer Overflow RCE Sunos +1
NVD
EPSS 9% CVSS 8.3
HIGH PATCH This Week

Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity.

Buffer Overflow RCE Wireshark +1
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Wireshark +2
NVD
EPSS 1% CVSS 3.3
LOW POC Monitor

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Sunos
NVD
EPSS 3% CVSS 5.8
MEDIUM POC This Month

Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Wireshark +1
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Opensuse Sunos +1
NVD
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Wireshark Opensuse +1
NVD
Prev Page 6 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy