Vulnerabilities > Wireshark > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-08 CVE-2019-5718 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash.
local
low complexity
wireshark debian CWE-125
5.5
5.5
2019-01-08 CVE-2019-5717 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash.
local
low complexity
wireshark debian CWE-20
5.5
5.5
2019-01-08 CVE-2019-5716 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash.
local
low complexity
wireshark debian CWE-20
5.5
5.5
2018-11-29 CVE-2018-19626 Use of Uninitialized Resource vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash.
local
low complexity
wireshark debian CWE-908
5.5
5.5
2018-11-29 CVE-2018-19625 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash.
local
low complexity
wireshark debian CWE-125
5.5
5.5
2018-11-29 CVE-2018-19624 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash.
local
low complexity
wireshark debian CWE-476
5.5
5.5
2018-01-11 CVE-2018-5335 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash.
network
low complexity
wireshark debian CWE-119
6.5
6.5
2018-01-11 CVE-2018-5334 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash.
network
low complexity
wireshark debian CWE-119
6.5
6.5
2017-06-14 CVE-2017-9617 Uncontrolled Recursion vulnerability in Wireshark 2.2.7
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
local
low complexity
wireshark CWE-674
5.5
5.5
2017-06-14 CVE-2017-9616 Uncontrolled Recursion vulnerability in Wireshark 2.2.7
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
local
low complexity
wireshark CWE-674
5.5
5.5