Vulnerabilities > Wireshark > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-11 | CVE-2018-5335 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. | 6.5 |
2018-01-11 | CVE-2018-5334 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. | 6.5 |
2017-06-14 | CVE-2017-9617 | Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector. | 4.3 |
2017-06-14 | CVE-2017-9616 | Uncontrolled Recursion vulnerability in Wireshark 2.2.7 In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. | 4.3 |
2017-04-12 | CVE-2017-7700 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. | 6.5 |
2016-11-17 | CVE-2016-9376 | Resource Management Errors vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. | 5.9 |
2016-11-17 | CVE-2016-9375 | Resource Management Errors vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. | 5.9 |
2016-11-17 | CVE-2016-9374 | Resource Management Errors vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. | 5.9 |
2016-11-17 | CVE-2016-9373 | Use After Free vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. | 5.9 |
2016-11-17 | CVE-2016-9372 | Resource Management Errors vulnerability in Wireshark 2.2.0/2.2.1 In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. | 5.9 |