Vulnerabilities > Wireshark > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-14341 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-07-19 CVE-2018-14340 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2018-07-19 CVE-2018-14339 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-05-22 CVE-2018-11362 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2018-05-22 CVE-2018-11361 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash.
network
low complexity
wireshark CWE-119
7.5
7.5
2018-05-22 CVE-2018-11360 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash.
network
low complexity
wireshark debian CWE-119
7.5
7.5
2018-05-22 CVE-2018-11359 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2018-05-22 CVE-2018-11358 Use After Free vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash.
network
low complexity
wireshark debian CWE-416
7.5
7.5
2018-05-22 CVE-2018-11357 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-05-22 CVE-2018-11356 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5