Vulnerabilities > Wireshark > Wireshark > 2.4.12

DATE CVE VULNERABILITY TITLE RISK
2019-02-28 CVE-2019-9214 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2019-02-28 CVE-2019-9209 Off-by-one Error vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash.
local
low complexity
wireshark debian canonical opensuse CWE-193
5.5
5.5
2019-02-28 CVE-2019-9208 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash.
network
low complexity
wireshark debian CWE-476
7.5
7.5
2018-07-20 CVE-2018-14438 Improper Input Validation vulnerability in Wireshark
In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily.
network
low complexity
wireshark CWE-20
5.0
5.0