Vulnerabilities (CVE)

Filtered by vendor Wireshark Subscribe
Total 675 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-6473 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets.
CVE-2017-11410 1 Wireshark 1 Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.
CVE-2017-9616 1 Wireshark 1 Wireshark 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
CVE-2017-15193 1 Wireshark 1 Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
CVE-2017-9345 1 Wireshark 1 Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
CVE-2017-9348 1 Wireshark 1 Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.
CVE-2017-17083 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.
CVE-2017-17084 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
CVE-2016-7957 1 Wireshark 1 Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings.
CVE-2017-6474 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.
CVE-2017-7745 1 Wireshark 1 Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.
CVE-2017-15191 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.
CVE-2017-7746 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.
CVE-2017-11407 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.
CVE-2017-7700 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 7.1 HIGH 6.5 MEDIUM
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.
CVE-2017-6014 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.
CVE-2017-7705 1 Wireshark 1 Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.
CVE-2017-7702 1 Wireshark 1 Wireshark 2025-04-20 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.
CVE-2017-15192 1 Wireshark 1 Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.
CVE-2017-9344 2 Debian, Wireshark 2 Debian Linux, Wireshark 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.