Vulnerabilities > Wireshark > Wireshark > 2.0.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-25 | CVE-2023-2906 | Divide By Zero vulnerability in Wireshark Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. | 6.5 |
| 2020-10-06 | CVE-2020-26575 | Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. | 7.5 |
| 2018-07-20 | CVE-2018-14438 | Improper Input Validation vulnerability in Wireshark In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. | 5.0 |
| 2018-02-08 | CVE-2018-6836 | Release of Invalid Pointer or Reference vulnerability in Wireshark The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 9.8 |
| 2017-12-30 | CVE-2017-17997 | NULL Pointer Dereference vulnerability in multiple products In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. | 7.5 |
| 2017-12-27 | CVE-2017-17935 | Out-of-bounds Read vulnerability in multiple products The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line. | 7.5 |
| 2017-10-10 | CVE-2017-15191 | Use of Externally-Controlled Format String vulnerability in multiple products In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. | 7.5 |
| 2017-08-30 | CVE-2017-13765 | Out-of-bounds Read vulnerability in multiple products In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. | 7.5 |
| 2017-02-17 | CVE-2017-6014 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. | 7.8 |