Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2017-04-12 CVE-2017-7704 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2017-04-12 CVE-2017-7703 Injection vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-74
7.5
2017-04-12 CVE-2017-7702 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2017-04-12 CVE-2017-7701 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2017-04-12 CVE-2017-7700 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-835
6.5
2017-04-12 CVE-2016-7958 Improper Input Validation vulnerability in Wireshark 2.2.0
In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-20
7.5
2017-04-12 CVE-2016-7957 Improper Input Validation vulnerability in Wireshark 2.2.0
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-20
7.5
2017-03-04 CVE-2017-6474 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
2017-03-04 CVE-2017-6473 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
2017-03-04 CVE-2017-6472 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5