Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Wireshark Subscribe
Total 637 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0581 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-11-04 5.0 MEDIUM 7.5 HIGH
Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
CVE-2022-0583 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-11-04 5.0 MEDIUM 7.5 HIGH
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
CVE-2021-4185 4 Debian, Fedoraproject, Oracle and 1 more 5 Debian Linux, Fedora, Http Server and 2 more 2022-11-04 5.0 MEDIUM 7.5 HIGH
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
CVE-2021-22235 2 Debian, Wireshark 2 Debian Linux, Wireshark 2022-11-03 5.0 MEDIUM 7.5 HIGH
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file
CVE-2021-39920 2 Fedoraproject, Wireshark 2 Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
CVE-2021-39924 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39929 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39925 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39926 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file
CVE-2021-39928 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39922 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2021-39921 3 Debian, Fedoraproject, Wireshark 3 Debian Linux, Fedora, Wireshark 2022-10-16 5.0 MEDIUM 7.5 HIGH
NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
CVE-2020-25866 4 Fedoraproject, Opensuse, Oracle and 1 more 4 Fedora, Leap, Zfs Storage Appliance Kit and 1 more 2022-10-07 5.0 MEDIUM 7.5 HIGH
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
CVE-2020-26419 3 Fedoraproject, Oracle, Wireshark 3 Fedora, Zfs Storage Appliance Kit, Wireshark 2022-09-02 5.0 MEDIUM 5.3 MEDIUM
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
CVE-2020-26418 4 Debian, Fedoraproject, Oracle and 1 more 4 Debian Linux, Fedora, Zfs Storage Appliance Kit and 1 more 2022-09-02 5.0 MEDIUM 5.3 MEDIUM
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-26421 4 Debian, Fedoraproject, Oracle and 1 more 4 Debian Linux, Fedora, Zfs Storage Appliance Kit and 1 more 2022-09-02 5.0 MEDIUM 5.3 MEDIUM
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-26420 3 Fedoraproject, Oracle, Wireshark 3 Fedora, Zfs Storage Appliance Kit, Wireshark 2022-09-02 5.0 MEDIUM 5.3 MEDIUM
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-26422 2 Oracle, Wireshark 2 Zfs Storage Appliance Kit, Wireshark 2022-09-02 5.0 MEDIUM 5.3 MEDIUM
Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file
CVE-2020-17498 4 Fedoraproject, Opensuse, Oracle and 1 more 4 Fedora, Leap, Zfs Storage Appliance Kit and 1 more 2022-09-02 4.3 MEDIUM 6.5 MEDIUM
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
CVE-2021-22191 3 Debian, Oracle, Wireshark 3 Debian Linux, Zfs Storage Appliance, Wireshark 2022-05-27 6.8 MEDIUM 8.8 HIGH
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.