CVE-2024-11596 – Buffer Over-read in Wireshark
https://notcve.org/view.php?id=CVE-2024-11596
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-15.html https://gitlab.com/wireshark/wireshark/-/issues/20214 • CWE-126: Buffer Over-read •
CVE-2024-11595 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-11595
FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-14.html https://gitlab.com/wireshark/wireshark/-/issues/20176 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2024-9781 – Improper Handling of Missing Values in Wireshark
https://notcve.org/view.php?id=CVE-2024-9781
AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-13.html https://gitlab.com/wireshark/wireshark/-/issues/20114 • CWE-230: Improper Handling of Missing Values •
CVE-2024-9780 – Missing Initialization of a Variable in Wireshark
https://notcve.org/view.php?id=CVE-2024-9780
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-12.html https://gitlab.com/wireshark/wireshark/-/issues/20026 • CWE-456: Missing Initialization of a Variable •
CVE-2024-8645 – Access of Uninitialized Pointer in Wireshark
https://notcve.org/view.php?id=CVE-2024-8645
SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19559 https://www.wireshark.org/security/wnpa-sec-2024-10.html • CWE-824: Access of Uninitialized Pointer •