Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2021-11-18 CVE-2021-39920 NULL Pointer Dereference vulnerability in multiple products
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject CWE-476
7.5
7.5
2021-11-18 CVE-2021-39928 NULL Pointer Dereference vulnerability in multiple products
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-476
7.5
7.5
2021-07-20 CVE-2021-22235 Infinite Loop vulnerability in multiple products
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian CWE-835
7.5
7.5
2021-06-07 CVE-2021-22222 Infinite Loop vulnerability in multiple products
Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark oracle debian CWE-835
7.5
7.5
2021-04-23 CVE-2021-22207 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject oracle debian CWE-770
6.5
6.5
2021-03-15 CVE-2021-22191 Injection vulnerability in multiple products
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
network
low complexity
wireshark oracle debian CWE-74
8.8
8.8
2021-02-17 CVE-2021-22174 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject oracle CWE-770
7.5
7.5
2021-02-17 CVE-2021-22173 Memory Leak vulnerability in multiple products
Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject oracle CWE-401
7.5
7.5
2020-12-21 CVE-2020-26422 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark oracle CWE-120
5.3
5.3
2020-12-11 CVE-2020-26421 Out-of-bounds Read vulnerability in multiple products
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
network
low complexity
wireshark fedoraproject debian oracle CWE-125
5.3
5.3