Vulnerabilities > Wireshark > High

DATE CVE VULNERABILITY TITLE RISK
2020-05-19 CVE-2020-13164 Uncontrolled Recursion vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash.
network
low complexity
wireshark debian opensuse fedoraproject CWE-674
7.5
7.5
2020-04-10 CVE-2020-11647 Uncontrolled Recursion vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash.
network
low complexity
wireshark debian opensuse CWE-674
7.5
7.5
2020-02-27 CVE-2020-9431 Memory Leak vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory.
network
low complexity
wireshark opensuse fedoraproject debian CWE-401
7.5
7.5
2020-02-27 CVE-2020-9430 Improper Input Validation vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash.
network
low complexity
wireshark fedoraproject opensuse debian CWE-20
7.5
7.5
2020-02-27 CVE-2020-9429 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash.
network
low complexity
wireshark opensuse CWE-476
7.5
7.5
2020-02-27 CVE-2020-9428 Out-of-bounds Read vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash.
network
low complexity
wireshark debian fedoraproject opensuse CWE-125
7.5
7.5
2020-01-16 CVE-2020-7044 Off-by-one Error vulnerability in multiple products
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash.
network
low complexity
wireshark fedoraproject opensuse oracle CWE-193
7.5
7.5
2019-12-05 CVE-2019-19553 Missing Initialization of Resource vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash.
network
low complexity
wireshark opensuse oracle debian CWE-909
7.5
7.5
2019-09-15 CVE-2019-16319 Infinite Loop vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop.
network
low complexity
wireshark opensuse debian CWE-835
7.5
7.5
2019-07-17 CVE-2019-13619 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. 		7.5
7.5