Vulnerabilities > Wireshark > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-02 | CVE-2017-9350 | Allocation of Resources Without Limits or Throttling vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. | 7.5 |
2017-06-02 | CVE-2017-9349 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. | 7.5 |
2017-06-02 | CVE-2017-9348 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. | 7.5 |
2017-06-02 | CVE-2017-9347 | NULL Pointer Dereference vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. | 7.5 |
2017-06-02 | CVE-2017-9346 | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. | 7.5 |
2017-06-02 | CVE-2017-9345 | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. | 7.5 |
2017-06-02 | CVE-2017-9344 | Divide By Zero vulnerability in multiple products In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. | 7.5 |
2017-06-02 | CVE-2017-9343 | NULL Pointer Dereference vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. | 7.5 |
2017-04-12 | CVE-2017-7748 | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
2017-04-12 | CVE-2017-7747 | Improper Input Validation vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. | 7.5 |