Vulnerabilities > Wireshark > High

DATE CVE VULNERABILITY TITLE RISK
2021-02-17 CVE-2021-22173 Memory Leak vulnerability in multiple products
Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject oracle CWE-401
7.5
7.5
2020-11-02 CVE-2020-28030 Infinite Loop vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash.
network
low complexity
wireshark debian fedoraproject CWE-835
7.5
7.5
2020-10-06 CVE-2020-26575 Infinite Loop vulnerability in multiple products
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop.
network
low complexity
wireshark fedoraproject debian oracle CWE-835
7.5
7.5
2020-10-06 CVE-2020-25866 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages.
network
low complexity
wireshark fedoraproject opensuse oracle CWE-476
7.5
7.5
2020-10-06 CVE-2020-25863 In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash.
network
low complexity
wireshark fedoraproject opensuse debian oracle
7.5
7.5
2020-10-06 CVE-2020-25862 Improper Validation of Integrity Check Value vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. 		7.5
7.5
2020-07-05 CVE-2020-15466 Infinite Loop vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop.
network
low complexity
wireshark opensuse debian CWE-835
7.5
7.5
2020-05-19 CVE-2020-13164 Uncontrolled Recursion vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash.
network
low complexity
wireshark debian opensuse fedoraproject CWE-674
7.5
7.5
2020-04-10 CVE-2020-11647 Uncontrolled Recursion vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash.
network
low complexity
wireshark debian opensuse CWE-674
7.5
7.5
2020-02-27 CVE-2020-9431 Memory Leak vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory.
network
low complexity
wireshark opensuse fedoraproject debian CWE-401
7.5
7.5