Vulnerabilities > Wireshark > Wireshark > 4.0.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-8645 | Access of Uninitialized Pointer vulnerability in Wireshark SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file | 5.5 |
| 2024-08-29 | CVE-2024-8250 | Out-of-bounds Write vulnerability in Wireshark NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file | 5.5 |
| 2024-05-14 | CVE-2024-4854 | Infinite Loop vulnerability in multiple products MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file | 7.5 |
| 2024-03-26 | CVE-2023-6175 | Classic Buffer Overflow vulnerability in Wireshark NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file | 7.8 |
| 2024-01-03 | CVE-2024-0208 | Unspecified vulnerability in Wireshark GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2024-01-03 | CVE-2024-0209 | NULL Pointer Dereference vulnerability in Wireshark IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2023-11-16 | CVE-2023-6174 | Injection vulnerability in multiple products SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | 6.5 |
| 2023-10-04 | CVE-2023-5371 | Allocation of Resources Without Limits or Throttling vulnerability in Wireshark RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file | 6.5 |
| 2023-08-25 | CVE-2023-2906 | Divide By Zero vulnerability in Wireshark Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. | 6.5 |
| 2023-08-24 | CVE-2023-4511 | Infinite Loop vulnerability in Wireshark BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | 7.5 |