Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2018-16058 Improper Initialization vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash.
network
low complexity
wireshark debian CWE-665
7.5
7.5
2018-08-30 CVE-2018-16057 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash.
network
low complexity
wireshark debian
7.5
7.5
2018-08-30 CVE-2018-16056 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash.
network
low complexity
wireshark debian
7.5
7.5
2018-07-20 CVE-2018-14438 Improper Input Validation vulnerability in Wireshark
In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily.
network
low complexity
wireshark CWE-20
7.5
7.5
2018-07-19 CVE-2018-14370 Out-of-bounds Read vulnerability in Wireshark
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash.
network
low complexity
wireshark CWE-125
7.5
7.5
2018-07-19 CVE-2018-14369 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-07-19 CVE-2018-14368 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-07-19 CVE-2018-14367 Unchecked Return Value vulnerability in Wireshark
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash.
network
low complexity
wireshark CWE-252
7.5
7.5
2018-07-19 CVE-2018-14344 Out-of-bounds Read vulnerability in Wireshark
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash.
network
low complexity
wireshark CWE-125
7.5
7.5
2018-07-19 CVE-2018-14343 Integer Overflow or Wraparound vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash.
network
low complexity
wireshark debian CWE-190
7.5
7.5