Latest wireshark wireshark Vulnerabilities

CVE-2024-0211
Uncontrolled Recursion in Wireshark
Wireshark Wireshark=4.2.0
CVE-2024-0210
Uncontrolled Recursion in Wireshark
Wireshark Wireshark=4.2.0
CVE-2024-0209
NULL Pointer Dereference in Wireshark
Wireshark Wireshark>=3.6.0<=3.6.19
Wireshark Wireshark>=4.0.0<=4.0.11
Wireshark Wireshark=4.2.0
CVE-2024-0207
Out-of-bounds Read in Wireshark
Wireshark Wireshark=4.2.0
CVE-2023-6174
Out-of-bounds Read in Wireshark
debian/wireshark<=2.6.20-0+deb10u4<=2.6.20-0+deb10u7
Wireshark Wireshark>=4.0.0<=4.0.10
Debian Debian Linux=12.0
CVE-2023-5371
Memory Allocation with Excessive Size Value in Wireshark
Wireshark Wireshark>=3.6.0<3.6.17
Wireshark Wireshark>=4.0.0<4.0.9
CVE-2023-2906
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service atta...
Wireshark Wireshark>=2.0.0<=4.0.7
CVE-2023-4512
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=4.0.0<=4.0.7
CVE-2023-4513
Missing Release of Memory after Effective Lifetime in Wireshark
Wireshark Wireshark>=3.6.0<=3.6.15
Wireshark Wireshark>=4.0.0<=4.0.7
>=3.6.0<=3.6.15
>=4.0.0<=4.0.7
CVE-2023-4511
Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
Wireshark Wireshark>=3.6.0<=3.6.15
Wireshark Wireshark>=4.0.0<=4.0.7
>=3.6.0<=3.6.15
>=4.0.0<=4.0.7
CVE-2023-3649
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=4.0.0<=4.0.6
CVE-2023-3648
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<=3.6.14
Wireshark Wireshark>=4.0.0<=4.0.6
CVE-2023-0666
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code ex...
debian/wireshark<=3.4.10-0+deb11u1
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=12.0
CVE-2023-0667
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, an...
Wireshark Wireshark>=4.0.0<4.0.6
CVE-2023-0668
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly...
debian/wireshark<=3.4.10-0+deb11u1
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=12.0
CVE-2023-2952
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=10.0
Debian Debian Linux=12.0
debian/wireshark<=2.6.20-0+deb10u4<=3.4.10-0+deb11u1
CVE-2023-2856
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=10.0
Debian Debian Linux=12.0
debian/wireshark<=2.6.20-0+deb10u4<=3.4.10-0+deb11u1
CVE-2023-2855
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=12.0
debian/wireshark<=3.4.10-0+deb11u1
CVE-2023-2858
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=10.0
Debian Debian Linux=12.0
debian/wireshark<=2.6.20-0+deb10u4<=3.4.10-0+deb11u1
CVE-2023-2857
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=12.0
debian/wireshark
CVE-2023-2854
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=12.0
debian/wireshark
CVE-2023-2879
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.14
Wireshark Wireshark>=4.0.0<4.0.6
Debian Debian Linux=10.0
Debian Debian Linux=12.0
debian/wireshark<=2.6.20-0+deb10u4<=3.4.10-0+deb11u1
CVE-2023-1994
GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.13
Wireshark Wireshark>=4.0.0<4.0.5
Debian Debian Linux=10.0
Debian Debian Linux=12.0
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 2 more
CVE-2023-1993
LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.13
Wireshark Wireshark>=4.0.0<4.0.5
Debian Debian Linux=10.0
Debian Debian Linux=12.0
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 2 more
CVE-2023-1992
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.13
Wireshark Wireshark>=4.0.0<4.0.5
Debian Debian Linux=10.0
Debian Debian Linux=12.0
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 2 more
CVE-2023-1161
ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.12
Wireshark Wireshark>=4.0.0<4.0.4
Debian Debian Linux=10.0
Debian Debian Linux=12.0
debian/wireshark<=2.6.20-0+deb10u4<=3.4.10-0+deb11u1
CVE-2023-0415
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<=3.6.10
Wireshark Wireshark>=4.0.0<=4.0.2
CVE-2023-0417
Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<=3.6.10
Wireshark Wireshark>=4.0.0<=4.0.2
CVE-2023-0416
GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<=3.6.10
Wireshark Wireshark>=4.0.0<=4.0.2
CVE-2023-0412
TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<=3.6.10
Wireshark Wireshark>=4.0.0<=4.0.2
Debian Debian Linux=10.0
CVE-2023-0414
Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=4.0.0<=4.0.2
CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<3.6.10
Wireshark Wireshark>=4.0.0<4.0.2
CVE-2022-4344
Wireshark Wireshark>=3.0.0<3.6.10
Wireshark Wireshark>=4.0.0<4.0.2
CVE-2022-3724
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows
Wireshark Wireshark>=3.6.0<=3.6.8
Microsoft Windows
CVE-2022-3725
Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.6.0<=3.6.8
Fedoraproject Fedora=37
CVE-2022-3190
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.16
Wireshark Wireshark>=3.6.0<3.6.8
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-0585
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.12
Wireshark Wireshark>=3.6.0<3.6.2
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
CVE-2022-0586
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.12
Wireshark Wireshark>=3.6.0<3.6.2
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
CVE-2022-0581
Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.12
Wireshark Wireshark>=3.6.0<3.6.2
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
CVE-2022-0582
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.12
Wireshark Wireshark=3.6.0
Wireshark Wireshark=3.6.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
CVE-2021-4183
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file
Wireshark Wireshark=3.6.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Oracle HTTP Server=12.2.1.3.0
Oracle HTTP Server=12.2.1.4.0
Oracle ZFS Storage Appliance Kit=8.8
CVE-2021-4182
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.11
Wireshark Wireshark=3.6.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Oracle HTTP Server=12.2.1.3.0
Oracle HTTP Server=12.2.1.4.0
and 1 more
CVE-2021-4181
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.11
Wireshark Wireshark=3.6.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
Oracle HTTP Server=12.2.1.3.0
and 2 more
CVE-2021-4186
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<=3.4.10
Fedoraproject Fedora=34
Fedoraproject Fedora=35
CVE-2021-4185
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.11
Wireshark Wireshark=3.6.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
Oracle HTTP Server=12.2.1.3.0
and 2 more
CVE-2021-4184
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<=3.4.10
Wireshark Wireshark=3.6.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
Oracle HTTP Server=12.2.1.3.0
and 2 more
CVE-2021-4190
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark>=3.4.0<3.4.12
Wireshark Wireshark=3.6.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
CVE-2021-39925
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
debian/wireshark
Wireshark Wireshark>=3.2.0<=3.2.17
Wireshark Wireshark>=3.4.0<=3.4.9
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0
CVE-2021-39923
Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
debian/wireshark
Wireshark Wireshark>=3.2.0<=3.2.17
Wireshark Wireshark>=3.4.0<=3.4.9
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=9.0
CVE-2021-39924
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
debian/wireshark
Wireshark Wireshark>=3.2.0<=3.2.17
Wireshark Wireshark>=3.4.0<=3.4.9
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=9.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203