CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9267
https://notcve.org/view.php?id=CVE-2018-9267
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-lapd.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14482 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8ed057f7faa709dbde34b91f0715a957837f74d9 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9269
https://notcve.org/view.php?id=CVE-2018-9269
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-giop.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14484 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e19aba33026212cbe000ece633adf14d109489fa https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9258
https://notcve.org/view.php?id=CVE-2018-9258
In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources. En Wireshark desde la versión 2.4.0 hasta la 2.4.5, el disector TCP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-tcp.c preservando los orígenes válidos de datos. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14472 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2d4695de1477df60b0188fd581c0c279db601978 https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html https://www.wireshark.org/security/wnpa-sec-2018-21.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9263
https://notcve.org/view.php?id=CVE-2018-9263
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, el disector Kerberos podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-kerberos.c garantizando una longitud de clave que no sea cero. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14576 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=4fe65168fd0de81306710330aa414f10f53cbdf0 https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-23.html •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9268
https://notcve.org/view.php?id=CVE-2018-9268
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-smb2.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14483 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=c69d710d2bf39fe633800db65efddf55701131b6 https://lists.debian.org/debian-lts-announce/2018/05/msg00019.html https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://www.wireshark.org/security/wnpa-sec-2018-24.html • CWE-772: Missing Release of Resource after Effective Lifetime •