Vulnerabilities > Wireshark > Wireshark > 2.4.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-25 | CVE-2023-2906 | Divide By Zero vulnerability in Wireshark Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. | 6.5 |
| 2020-10-06 | CVE-2020-26575 | Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. | 7.5 |
| 2019-07-17 | CVE-2019-13619 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. | 7.5 |
| 2019-05-23 | CVE-2019-12295 | Uncontrolled Recursion vulnerability in multiple products In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. | 7.5 |
| 2018-07-20 | CVE-2018-14438 | Improper Input Validation vulnerability in Wireshark In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. | 5.0 |