Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-11357 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory.
network
low complexity
wireshark debian CWE-20
7.5
2018-05-22 CVE-2018-11356 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
2018-05-22 CVE-2018-11355 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the RTCP dissector could crash.
network
low complexity
wireshark CWE-119
7.5
2018-05-22 CVE-2018-11354 Improper Input Validation vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash.
network
low complexity
wireshark CWE-20
7.5
2018-04-04 CVE-2018-9274 Missing Release of Resource after Effective Lifetime vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.
network
low complexity
wireshark CWE-772
7.5
2018-04-04 CVE-2018-9273 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.
network
low complexity
wireshark debian CWE-772
7.5
2018-04-04 CVE-2018-9272 Missing Release of Resource after Effective Lifetime vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
network
low complexity
wireshark CWE-772
7.5
2018-04-04 CVE-2018-9271 Missing Release of Resource after Effective Lifetime vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.
network
low complexity
wireshark CWE-772
7.5
2018-04-04 CVE-2018-9270 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak.
network
low complexity
wireshark debian CWE-772
7.5
2018-04-04 CVE-2018-9269 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.
network
low complexity
wireshark debian CWE-772
7.5