Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-02 CVE-2017-9351 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer.
network
low complexity
wireshark CWE-119
7.5
7.5
2017-06-02 CVE-2017-9350 Allocation of Resources Without Limits or Throttling vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory.
network
low complexity
wireshark CWE-770
7.5
7.5
2017-06-02 CVE-2017-9349 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2017-06-02 CVE-2017-9348 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer.
network
low complexity
wireshark CWE-119
7.5
7.5
2017-06-02 CVE-2017-9347 NULL Pointer Dereference vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference.
network
low complexity
wireshark CWE-476
7.5
7.5
2017-06-02 CVE-2017-9346 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
7.5
2017-06-02 CVE-2017-9345 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
7.5
2017-06-02 CVE-2017-9344 Divide By Zero vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero.
network
low complexity
wireshark debian CWE-369
7.5
7.5
2017-06-02 CVE-2017-9343 NULL Pointer Dereference vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer.
network
low complexity
wireshark CWE-476
7.5
7.5
2017-06-01 CVE-2017-8386 git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
network
low complexity
git opensuse debian canonical fedoraproject
8.8
8.8