Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2018-9267 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak.
network
low complexity
wireshark debian CWE-772
7.5
2018-04-04 CVE-2018-9265 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.
network
low complexity
wireshark debian CWE-772
7.5
2018-04-04 CVE-2018-9264 Out-of-bounds Write vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow.
network
low complexity
wireshark debian CWE-787
7.5
2018-04-04 CVE-2018-9263 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash.
network
low complexity
wireshark debian
7.5
2018-04-04 CVE-2018-9262 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9261 Excessive Iteration vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow.
network
low complexity
wireshark debian CWE-834
7.5
2018-04-04 CVE-2018-9260 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9259 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9258 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-04-04 CVE-2018-9256 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5