Vulnerabilities > Wireshark > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-14 CVE-2022-0582 NULL Pointer Dereference vulnerability in multiple products
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian CWE-476
critical
9.8
2018-02-08 CVE-2018-6836 Release of Invalid Pointer or Reference vulnerability in Wireshark
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
network
low complexity
wireshark CWE-763
critical
9.8
2014-06-18 CVE-2014-4174 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet.
network
wireshark CWE-119
critical
9.3
2011-09-20 CVE-2011-3360 Unspecified vulnerability in Wireshark
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
network
wireshark
critical
9.3
2011-04-29 CVE-2011-1591 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
network
wireshark CWE-119
critical
9.3
2011-01-13 CVE-2011-0444 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.
network
low complexity
wireshark CWE-119
critical
10.0
2011-01-07 CVE-2010-4538 Buffer Errors vulnerability in Wireshark 1.4.2
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
network
wireshark CWE-119
critical
9.3
2010-08-26 CVE-2010-3133 Unspecified vulnerability in Wireshark
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
network
wireshark
critical
9.3
2010-08-13 CVE-2010-2995 Numeric Errors vulnerability in Wireshark
The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.
network
low complexity
wireshark CWE-189
critical
10.0
2010-08-13 CVE-2010-2994 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors.
network
low complexity
wireshark CWE-119
critical
10.0