Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2019-01-08 CVE-2019-5716 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash.
local
low complexity
wireshark debian CWE-20
5.5
2018-11-29 CVE-2018-19628 Divide By Zero vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash.
network
low complexity
wireshark debian CWE-369
7.5
2018-11-29 CVE-2018-19627 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash.
network
low complexity
wireshark debian CWE-125
7.5
2018-11-29 CVE-2018-19626 Use of Uninitialized Resource vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash.
local
low complexity
wireshark debian CWE-908
5.5
2018-11-29 CVE-2018-19625 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash.
local
low complexity
wireshark debian CWE-125
5.5
2018-11-29 CVE-2018-19624 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash.
local
low complexity
wireshark debian CWE-476
5.5
2018-11-29 CVE-2018-19623 Out-of-bounds Write vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash.
network
low complexity
wireshark debian CWE-787
7.5
2018-11-29 CVE-2018-19622 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
2018-10-12 CVE-2018-18227 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
2018-10-12 CVE-2018-18226 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory.
network
low complexity
wireshark debian CWE-772
7.5