Vulnerabilities > Wireshark > Wireshark > 2.2.10

DATE CVE VULNERABILITY TITLE RISK
2018-02-23 CVE-2018-7328 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths.
network
low complexity
wireshark CWE-835
7.5
7.5
2018-02-23 CVE-2018-7327 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths.
network
low complexity
wireshark CWE-835
7.5
7.5
2018-02-23 CVE-2018-7326 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type.
network
low complexity
wireshark CWE-835
7.5
7.5
2018-02-23 CVE-2018-7325 Infinite Loop vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-02-23 CVE-2018-7324 Infinite Loop vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-02-23 CVE-2018-7323 Excessive Iteration vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.
network
low complexity
wireshark debian CWE-834
7.5
7.5
2018-02-23 CVE-2018-7322 Infinite Loop vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2018-02-23 CVE-2018-7321 Excessive Iteration vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.
network
low complexity
wireshark CWE-834
7.5
7.5
2018-02-23 CVE-2018-7320 In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash.
network
low complexity
wireshark debian
7.5
7.5
2018-02-08 CVE-2018-6836 Release of Invalid Pointer or Reference vulnerability in Wireshark
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
network
low complexity
wireshark CWE-763
critical
 9.8
9.8