This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Wireshark First view 2011-02-08
Product Wireshark Last view 2024-01-03
Version 1.2.14 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:wireshark:wireshark

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2024-01-03 CVE-2024-0209

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

7.5 2024-01-03 CVE-2024-0208

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

6.5 2023-11-16 CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

6.5 2023-10-04 CVE-2023-5371

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

6.5 2023-08-25 CVE-2023-2906

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

7.5 2023-08-24 CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

7.5 2023-08-24 CVE-2023-4512

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

7.5 2023-08-24 CVE-2023-4511

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

5.5 2023-07-14 CVE-2023-3649

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

5.5 2023-07-14 CVE-2023-3648

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

6.5 2023-06-07 CVE-2023-0668

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

6.5 2023-06-07 CVE-2023-0667

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark

6.5 2023-06-07 CVE-2023-0666

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

6.5 2023-05-30 CVE-2023-2952

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

7.5 2023-05-26 CVE-2023-2879

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

6.5 2023-05-26 CVE-2023-2858

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

6.5 2023-05-26 CVE-2023-2857

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

6.5 2023-05-26 CVE-2023-2856

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

6.5 2023-05-26 CVE-2023-2855

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

6.5 2023-05-26 CVE-2023-2854

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

6.5 2023-04-12 CVE-2023-1994

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

6.5 2023-04-12 CVE-2023-1993

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

7.5 2023-04-12 CVE-2023-1992

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

7.1 2023-03-06 CVE-2023-1161

ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file

6.5 2023-01-26 CVE-2023-0417

Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
12% (20) CWE-476 NULL Pointer Dereference
12% (20) CWE-20 Improper Input Validation
11% (18) CWE-125 Out-of-bounds Read
9% (14) CWE-787 Out-of-bounds Write
7% (11) CWE-772 Missing Release of Resource after Effective Lifetime
6% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (7) CWE-399 Resource Management Errors
3% (6) CWE-674 Uncontrolled Recursion
3% (6) CWE-404 Improper Resource Shutdown or Release
3% (5) CWE-770 Allocation of Resources Without Limits or Throttling
3% (5) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (3) CWE-416 Use After Free
1% (3) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (3) CWE-369 Divide By Zero
1% (3) CWE-193 Off-by-one Error
1% (3) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (2) CWE-682 Incorrect Calculation
1% (2) CWE-665 Improper Initialization
1% (2) CWE-190 Integer Overflow or Wraparound
1% (2) CWE-134 Uncontrolled Format String
1% (2) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
0% (1) CWE-763 Release of Invalid Pointer or Reference
0% (1) CWE-617 Reachable Assertion
0% (1) CWE-415 Double Free
0% (1) CWE-354 Improper Validation of Integrity Check Value

Open Source Vulnerability Database (OSVDB)

id Description
73687 Wireshark Lucent / Ascend File Parser Infinite Loop DoS
72979 Wireshark wiretap/visual.c visual_read Function Visual Networks File Handling...
72978 Wireshark epan/tvbuff.c tvb_uncompress Function Double-free Remote DoS
72977 Wireshark wiretap/snoop.c snoop_read Function Virtualizable Buffer Handling R...
72976 Wireshark Diameter Dictionary File Handling Remote DoS
72975 Wireshark DICOM Dissector epan/dissectors/packet-dcm.c dissect_dcm_main Funct...
71846 Wireshark X.509if Dissector Use-after-free DoS
71556 Wireshark pcap-ng File Handling Memory Corruption
71555 Wireshark pcap-ng Large packet-length Field DoS
71554 Wireshark Nokia DCT3 Trace File Handling Overflow
71553 Wireshark Multiple Function SMB Packet Handling DoS
71552 Wireshark Multiple Function CLDAP Packet Handling DoS
71550 Wireshark LDAP Dissector Filter String Memory Consumption DoS
71549 Wireshark BER Dissector ASN.1 CHOICE Value DoS
71548 Wireshark NTLMSSP Dissector PCAP File Handling DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-07-30 Name : CentOS Update for wireshark CESA-2012:0509 centos6
File : nvt/gb_CESA-2012_0509_wireshark_centos6.nasl
2012-07-30 Name : CentOS Update for wireshark CESA-2011:0370 centos5 x86_64
File : nvt/gb_CESA-2011_0370_wireshark_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for wireshark RHSA-2012:0509-01
File : nvt/gb_RHSA-2012_0509-01_wireshark.nasl
2012-06-29 Name : Wireshark Multiple Denial of Service Vulnerabilities June-11 (Mac OS X)
File : nvt/secpod_wireshark_mult_dos_vuln_jun11_macosx.nasl
2012-06-27 Name : Wireshark Multiple Vulnerabilities March-11 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln_mar11_macosx.nasl
2012-06-27 Name : Wireshark Multiple Vulnerabilities-01 March 11 (Mac OS X)
File : nvt/gb_wireshark_mult_vuln01_mar11_macosx.nasl
2012-06-27 Name : Wireshark Denial of Service Vulnerability-02 March 11 (Mac OS X)
File : nvt/gb_wireshark_dos_vuln02_mar11_macosx.nasl
2012-06-27 Name : Wireshark Denial of Service Vulnerability-01 March 11 (Mac OS X)
File : nvt/gb_wireshark_dos_vuln01_mar11_macosx.nasl
2012-06-06 Name : RedHat Update for wireshark RHSA-2011:0369-01
File : nvt/gb_RHSA-2011_0369-01_wireshark.nasl
2012-05-03 Name : Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability (Mac OS X)
File : nvt/gb_wireshark_lucent_ascend_file_parser_dos_vuln_macosx.nasl
2012-04-26 Name : Wireshark X.509if Dissector Denial of Service Vulnerability (Mac OS X)
File : nvt/secpod_wireshark_dissector_dos_vuln_macosx.nasl
2012-04-25 Name : Wireshark Denial of Service Vulnerability (Mac OS X)
File : nvt/secpod_wireshark_dos_vuln_macosx.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-02 (wireshark)
File : nvt/glsa_201110_02.nasl
2011-08-12 Name : Fedora Update for wireshark FEDORA-2011-9640
File : nvt/gb_fedora_2011_9640_wireshark_fc14.nasl
2011-08-12 Name : Fedora Update for wireshark FEDORA-2011-9638
File : nvt/gb_fedora_2011_9638_wireshark_fc15.nasl
2011-08-09 Name : CentOS Update for wireshark CESA-2011:0370 centos5 i386
File : nvt/gb_CESA-2011_0370_wireshark_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2274-1 (wireshark)
File : nvt/deb_2274_1.nasl
2011-07-27 Name : Mandriva Update for wireshark MDVSA-2011:118 (wireshark)
File : nvt/gb_mandriva_MDVSA_2011_118.nasl
2011-07-14 Name : Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability (Win)
File : nvt/gb_wireshark_lucent_ascend_file_parser_dos_vuln_win.nasl
2011-07-12 Name : Fedora Update for wireshark FEDORA-2011-7821
File : nvt/gb_fedora_2011_7821_wireshark_fc15.nasl
2011-06-20 Name : Fedora Update for wireshark FEDORA-2011-7846
File : nvt/gb_fedora_2011_7846_wireshark_fc14.nasl
2011-06-20 Name : Fedora Update for wireshark FEDORA-2011-7858
File : nvt/gb_fedora_2011_7858_wireshark_fc13.nasl
2011-06-13 Name : Wireshark Multiple Denial of Service Vulnerabilities (Windows)
File : nvt/gb_wireshark_mult_dos_vuln_win_jun11.nasl
2011-05-17 Name : Mandriva Update for wireshark MDVSA-2011:083 (wireshark)
File : nvt/gb_mandriva_MDVSA_2011_083.nasl
2011-05-16 Name : Wireshark X.509if Dissector Denial of service vulnerability (Windows)
File : nvt/gb_wireshark_dissector_dos_vuln_win_may11.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote Debian host is missing a security update.
File: debian_DLA-1634.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: An application installed on the remote MacOS / MacOSX host is affected by mul...
File: macosx_wireshark_2_4_12.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: An application installed on the remote MacOS / MacOSX host is affected by mul...
File: macosx_wireshark_2_6_6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1b6cb1df72.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-3dfee621af.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-89413a04e0.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b7a58187ba.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-bfdad62cd6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-cb410a3812.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-d56c428f9e.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4359.nasl - Type: ACT_GATHER_INFO
2018-12-05 Name: An application installed on the remote MacOS / MacOSX host is affected by mul...
File: macosx_wireshark_2_4_11.nasl - Type: ACT_GATHER_INFO
2018-12-05 Name: An application installed on the remote MacOS / MacOSX host is affected by mul...
File: macosx_wireshark_2_6_5.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL34035645.nasl - Type: ACT_GATHER_INFO
2018-10-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4315.nasl - Type: ACT_GATHER_INFO
2018-08-02 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9ef52861b5.nasl - Type: ACT_GATHER_INFO
2018-07-30 Name: The remote Debian host is missing a security update.
File: debian_DLA-1451.nasl - Type: ACT_GATHER_INFO
2018-06-06 Name: The remote Fedora host is missing a security update.
File: fedora_2018-d1cfa444d2.nasl - Type: ACT_GATHER_INFO
2018-06-05 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4217.nasl - Type: ACT_GATHER_INFO
2018-05-31 Name: An application installed on the remote MacOS / MacOSX host is affected by mul...
File: macosx_wireshark_2_6_1.nasl - Type: ACT_GATHER_INFO
2018-05-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1388.nasl - Type: ACT_GATHER_INFO
2018-04-19 Name: The remote Debian host is missing a security update.
File: debian_DLA-1353.nasl - Type: ACT_GATHER_INFO
2018-04-06 Name: An application installed on the remote MacOS / MacOSX host is affected by mul...
File: macos_wireshark_2_4_6.nasl - Type: ACT_GATHER_INFO
2018-03-28 Name: The remote Fedora host is missing a security update.
File: fedora_2018-cdf3f8e8b0.nasl - Type: ACT_GATHER_INFO
2018-03-05 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_c5ab620f45764ad5b51f93e4fec9cd0e.nasl - Type: ACT_GATHER_INFO