Vulnerabilities > Wireshark > Wireshark > 2.2.0

DATE CVE VULNERABILITY TITLE RISK
2017-10-10 CVE-2017-15191 Use of Externally-Controlled Format String vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.
network
low complexity
wireshark debian CWE-134
7.5
7.5
2017-08-30 CVE-2017-13767 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
7.5
2017-08-30 CVE-2017-13766 Out-of-bounds Write vulnerability in Wireshark
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write.
network
low complexity
wireshark CWE-787
7.5
7.5
2017-08-30 CVE-2017-13765 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2017-07-18 CVE-2017-11411 Improper Input Validation vulnerability in Wireshark
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory.
network
low complexity
wireshark CWE-20
7.5
7.5
2017-07-18 CVE-2017-11410 Infinite Loop vulnerability in Wireshark
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
7.5
2017-07-18 CVE-2017-11408 Improper Input Validation vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash.
network
low complexity
wireshark CWE-20
7.5
7.5
2017-07-18 CVE-2017-11407 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2017-07-18 CVE-2017-11406 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2017-06-02 CVE-2017-9354 Improper Input Validation vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash.
network
low complexity
wireshark CWE-20
7.5
7.5