Vulnerabilities (CVE)

Filtered by vendor Wireshark Subscribe
Total 748 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-24478 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.5 HIGH
An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
CVE-2024-24476 2 Fedoraproject, Wireshark 2 Fedora, Wireshark 2026-06-17 N/A 7.5 HIGH
A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
CVE-2024-11596 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
CVE-2024-11595 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
CVE-2024-0211 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
CVE-2024-0210 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
CVE-2024-0209 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
CVE-2024-0208 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
CVE-2024-0207 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
CVE-2023-6175 1 Wireshark 1 Wireshark 2026-06-17 N/A 7.8 HIGH
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file
CVE-2023-6174 2 Debian, Wireshark 2 Debian Linux, Wireshark 2026-06-17 N/A 6.3 MEDIUM
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
CVE-2023-5371 1 Wireshark 1 Wireshark 2026-06-17 N/A 5.3 MEDIUM
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file
CVE-2023-4513 1 Wireshark 1 Wireshark 2026-06-17 N/A 5.3 MEDIUM
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file
CVE-2023-4512 1 Wireshark 1 Wireshark 2026-06-17 N/A 5.3 MEDIUM
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
CVE-2023-4511 1 Wireshark 1 Wireshark 2026-06-17 N/A 5.3 MEDIUM
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file
CVE-2023-3649 1 Wireshark 1 Wireshark 2026-06-17 N/A 5.3 MEDIUM
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file
CVE-2023-3648 1 Wireshark 1 Wireshark 2026-06-17 N/A 5.3 MEDIUM
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file
CVE-2023-2952 2 Debian, Wireshark 2 Debian Linux, Wireshark 2026-06-17 N/A 5.3 MEDIUM
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
CVE-2023-2906 1 Wireshark 1 Wireshark 2026-06-17 N/A 6.5 MEDIUM
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.
CVE-2023-2879 2 Debian, Wireshark 2 Debian Linux, Wireshark 2026-06-17 N/A 6.3 MEDIUM
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file