Vulnerabilities > Wireshark > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-11360 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash.
network
low complexity
wireshark debian CWE-119
7.5
2018-05-22 CVE-2018-11359 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash.
network
low complexity
wireshark debian CWE-476
7.5
2018-05-22 CVE-2018-11358 Use After Free vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash.
network
low complexity
wireshark debian CWE-416
7.5
2018-05-22 CVE-2018-11357 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory.
network
low complexity
wireshark debian CWE-20
7.5
2018-05-22 CVE-2018-11356 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
2018-05-22 CVE-2018-11355 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the RTCP dissector could crash.
network
low complexity
wireshark CWE-119
7.5
2018-05-22 CVE-2018-11354 Improper Input Validation vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash.
network
low complexity
wireshark CWE-20
7.5
2018-04-04 CVE-2018-9274 Missing Release of Resource after Effective Lifetime vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.
network
low complexity
wireshark CWE-772
7.5
2018-04-04 CVE-2018-9273 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.
network
low complexity
wireshark debian CWE-772
7.5
2018-04-04 CVE-2018-9272 Missing Release of Resource after Effective Lifetime vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
network
low complexity
wireshark CWE-772
7.5