Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-11362 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2018-05-22 CVE-2018-11361 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash.
network
low complexity
wireshark CWE-119
7.5
7.5
2018-05-22 CVE-2018-11360 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash.
network
low complexity
wireshark debian CWE-119
7.5
7.5
2018-05-22 CVE-2018-11359 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2018-05-22 CVE-2018-11358 Use After Free vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash.
network
low complexity
wireshark debian CWE-416
7.5
7.5
2018-05-22 CVE-2018-11357 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-05-22 CVE-2018-11356 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2018-05-22 CVE-2018-11355 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the RTCP dissector could crash.
network
low complexity
wireshark CWE-119
7.5
7.5
2018-05-22 CVE-2018-11354 Improper Input Validation vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash.
network
low complexity
wireshark CWE-20
7.5
7.5
2018-05-22 CVE-2018-10092 Missing Authorization vulnerability in Dolibarr
The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.
network
low complexity
dolibarr CWE-862
8.0
8.0