Vulnerabilities > Wireshark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-10 | CVE-2024-9780 | Missing Initialization of Resource vulnerability in Wireshark 4.4.0 ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file | 5.5 |
| 2024-08-29 | CVE-2024-8250 | Out-of-bounds Write vulnerability in Wireshark NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file | 5.5 |
| 2023-11-16 | CVE-2023-6174 | Injection vulnerability in multiple products SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | 6.5 |
| 2023-10-04 | CVE-2023-5371 | Allocation of Resources Without Limits or Throttling vulnerability in Wireshark RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file | 6.5 |
| 2023-08-25 | CVE-2023-2906 | Divide By Zero vulnerability in Wireshark Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. | 6.5 |
| 2023-07-14 | CVE-2023-3648 | Unspecified vulnerability in Wireshark Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file | 5.5 |
| 2023-07-14 | CVE-2023-3649 | Out-of-bounds Read vulnerability in Wireshark iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file | 5.5 |
| 2023-06-07 | CVE-2023-0666 | Out-of-bounds Write vulnerability in multiple products Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | 6.5 |
| 2023-06-07 | CVE-2023-0667 | Out-of-bounds Write vulnerability in Wireshark Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark | 6.5 |
| 2023-06-07 | CVE-2023-0668 | Out-of-bounds Write vulnerability in multiple products Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | 6.5 |