Vulnerabilities > Wireshark > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-30 CVE-2023-2952 Infinite Loop vulnerability in multiple products
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian CWE-835
6.5
6.5
2023-05-26 CVE-2023-2854 Out-of-bounds Write vulnerability in multiple products
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
network
low complexity
wireshark debian CWE-787
6.5
6.5
2023-05-26 CVE-2023-2855 Out-of-bounds Write vulnerability in multiple products
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
network
low complexity
wireshark debian CWE-787
6.5
6.5
2023-05-26 CVE-2023-2856 Out-of-bounds Write vulnerability in multiple products
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
network
low complexity
wireshark debian CWE-787
6.5
6.5
2023-05-26 CVE-2023-2857 Out-of-bounds Write vulnerability in multiple products
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
network
low complexity
wireshark debian CWE-787
6.5
6.5
2023-05-26 CVE-2023-2858 Out-of-bounds Write vulnerability in multiple products
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
network
low complexity
wireshark debian CWE-787
6.5
6.5
2023-04-12 CVE-2023-1994 Resource Exhaustion vulnerability in multiple products
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-400
6.5
6.5
2023-04-12 CVE-2023-1993 Excessive Iteration vulnerability in multiple products
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-834
6.5
6.5
2023-01-26 CVE-2023-0411 Excessive Iteration vulnerability in Wireshark
Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark CWE-834
6.5
6.5
2023-01-26 CVE-2023-0413 Improper Resource Shutdown or Release vulnerability in Wireshark
Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark CWE-404
6.5
6.5