Vulnerabilities > Wireshark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-12 | CVE-2017-7700 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. | 6.5 |
| 2016-11-17 | CVE-2016-9376 | Resource Management Errors vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. | 5.9 |
| 2016-11-17 | CVE-2016-9375 | Resource Management Errors vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. | 5.9 |
| 2016-11-17 | CVE-2016-9374 | Resource Management Errors vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. | 5.9 |
| 2016-11-17 | CVE-2016-9373 | Use After Free vulnerability in multiple products In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. | 5.9 |
| 2016-11-17 | CVE-2016-9372 | Resource Management Errors vulnerability in Wireshark 2.2.0/2.2.1 In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. | 5.9 |
| 2016-09-09 | CVE-2016-7180 | Use After Free vulnerability in multiple products epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. | 5.9 |
| 2016-09-09 | CVE-2016-7179 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.9 |
| 2016-09-09 | CVE-2016-7178 | Out-of-bounds Write vulnerability in multiple products epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet. | 5.9 |
| 2016-09-09 | CVE-2016-7177 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. | 5.9 |