Search
Total
633 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4293 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2018-10-30 | 3.3 LOW | N/A |
| plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. | |||||
| CVE-2012-4292 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2018-10-30 | 3.3 LOW | N/A |
| The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2012-4291 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2018-10-30 | 3.3 LOW | N/A |
| The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | |||||
| CVE-2015-2191 | 4 Debian, Mageia, Opensuse and 1 more | 4 Debian Linux, Mageia, Opensuse and 1 more | 2018-10-30 | 5.0 MEDIUM | N/A |
| Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet. | |||||
| CVE-2012-4049 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | 2.9 LOW | N/A |
| epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. | |||||
| CVE-2015-2190 | 3 Opensuse, Oracle, Wireshark | 3 Opensuse, Solaris, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector. | |||||
| CVE-2015-2187 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet. | |||||
| CVE-2015-0561 | 3 Opensuse, Oracle, Wireshark | 3 Opensuse, Solaris, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. | |||||
| CVE-2015-0560 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2015-0559 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory. | |||||
| CVE-2015-0563 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2015-2192 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet. | |||||
| CVE-2013-5722 | 1 Wireshark | 1 Wireshark | 2018-10-30 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-5721 | 1 Wireshark | 1 Wireshark | 2018-10-30 | 4.3 MEDIUM | N/A |
| The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-5720 | 1 Wireshark | 1 Wireshark | 2018-10-30 | 5.0 MEDIUM | N/A |
| Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-5719 | 1 Wireshark | 1 Wireshark | 2018-10-30 | 4.3 MEDIUM | N/A |
| epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2013-5718 | 1 Wireshark | 1 Wireshark | 2018-10-30 | 4.3 MEDIUM | N/A |
| The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-5717 | 1 Wireshark | 1 Wireshark | 2018-10-30 | 4.3 MEDIUM | N/A |
| The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c. | |||||
| CVE-2006-3630 | 1 Wireshark | 1 Wireshark | 2018-10-18 | 7.5 HIGH | N/A |
| Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to 0.99.0 have unknown impact and remote attack vectors via the (1) NCP NMAS and (2) NDPS dissectors. | |||||
| CVE-2006-3628 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2018-10-18 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors. | |||||
| CVE-2006-3627 | 1 Wireshark | 1 Wireshark | 2018-10-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
| CVE-2006-3631 | 1 Wireshark | 1 Wireshark | 2018-10-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
| CVE-2006-5740 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet. | |||||
| CVE-2006-5469 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference. | |||||
| CVE-2006-5468 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
| CVE-2006-4805 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded. | |||||
| CVE-2006-4574 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | |||||
| CVE-2006-4330 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
| CVE-2006-4333 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.4 MEDIUM | N/A |
| The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. | |||||
| CVE-2007-3392 | 1 Wireshark | 1 Wireshark | 2018-10-16 | 5.0 MEDIUM | N/A |
| Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. | |||||
| CVE-2007-6451 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory. | |||||
| CVE-2007-6450 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 5.0 MEDIUM | N/A |
| The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||
| CVE-2007-6441 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 3.3 LOW | N/A |
| The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." | |||||
| CVE-2007-6439 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 6.1 MEDIUM | N/A |
| Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. | |||||
| CVE-2007-6438 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111. | |||||
| CVE-2007-6118 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2018-10-15 | 7.8 HIGH | N/A |
| The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | |||||
| CVE-2007-6117 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages. | |||||
| CVE-2007-6116 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 5.0 MEDIUM | N/A |
| The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors. | |||||
| CVE-2007-6115 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 10.0 HIGH | N/A |
| Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2007-6114 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser. | |||||
| CVE-2007-6121 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2018-10-15 | 5.0 MEDIUM | N/A |
| Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet. | |||||
| CVE-2007-6120 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2018-10-15 | 5.0 MEDIUM | N/A |
| The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||
| CVE-2007-6119 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 7.8 HIGH | N/A |
| The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | |||||
| CVE-2007-6111 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2018-10-15 | 7.1 HIGH | N/A |
| Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector. | |||||
| CVE-2007-6112 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 10.0 HIGH | N/A |
| Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2007-6113 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 4.3 MEDIUM | N/A |
| Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. | |||||
| CVE-2008-5285 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 5.0 MEDIUM | N/A |
| Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. | |||||
| CVE-2008-4682 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 5.0 MEDIUM | N/A |
| wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion. | |||||
| CVE-2008-4684 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 4.3 MEDIUM | N/A |
| packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector. | |||||
| CVE-2008-4683 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 5.0 MEDIUM | N/A |
| The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. | |||||