Vulnerabilities > Wireshark > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-16 CVE-2020-7044 Off-by-one Error vulnerability in multiple products
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash.
network
low complexity
wireshark fedoraproject opensuse oracle CWE-193
7.5
2019-12-05 CVE-2019-19553 Missing Initialization of Resource vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash.
network
low complexity
wireshark opensuse oracle debian CWE-909
7.5
2019-09-15 CVE-2019-16319 Infinite Loop vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop.
network
low complexity
wireshark opensuse debian CWE-835
7.5
2019-07-17 CVE-2019-13619 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash.
7.5
2019-05-23 CVE-2019-12295 Uncontrolled Recursion vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash.
network
low complexity
wireshark debian canonical f5 CWE-674
7.5
2019-04-09 CVE-2019-10903 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash.
7.5
2019-04-09 CVE-2019-10902 Unchecked Return Value vulnerability in multiple products
In Wireshark 3.0.0, the TSDNS dissector could crash.
network
low complexity
wireshark fedoraproject CWE-252
7.5
2019-04-09 CVE-2019-10901 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash.
7.5
2019-04-09 CVE-2019-10900 Infinite Loop vulnerability in multiple products
In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop.
network
low complexity
wireshark fedoraproject CWE-835
7.5
2019-04-09 CVE-2019-10899 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash.
7.5