Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-07	CVE-2021-22222	Infinite Loop vulnerability in multiple products Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file network low complexity wireshark oracle debian CWE-835	5.0
2021-04-23	CVE-2021-22207	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file network low complexity wireshark fedoraproject oracle debian CWE-770	6.5
2021-03-15	CVE-2021-22191	Injection vulnerability in multiple products Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. network wireshark oracle debian CWE-74	6.8
2020-12-21	CVE-2020-26422	Classic Buffer Overflow vulnerability in multiple products Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file network low complexity wireshark oracle CWE-120	5.0
2020-12-11	CVE-2020-26421	Out-of-bounds Read vulnerability in multiple products Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject debian oracle CWE-125	5.3
2020-12-11	CVE-2020-26420	Memory Leak vulnerability in multiple products Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject oracle CWE-401	5.3
2020-12-11	CVE-2020-26419	Memory Leak vulnerability in multiple products Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject oracle CWE-401	5.3
2020-12-11	CVE-2020-26418	Memory Leak vulnerability in multiple products Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject debian oracle CWE-401	5.3
2020-08-13	CVE-2020-17498	Double Free vulnerability in multiple products In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. network low complexity wireshark fedoraproject opensuse oracle CWE-415	6.5
2020-01-16	CVE-2020-7045	NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. low complexity wireshark debian CWE-476	6.5