CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-4513 – Missing Release of Memory after Effective Lifetime in Wireshark
https://notcve.org/view.php?id=CVE-2023-4513
24 Aug 2023 — BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file La pérdida de memoria del disector BT SDP en Wireshark 4.0.0 a 4.0.7 y 3.6.0 a 3.6.15 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19259 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4512 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2023-4512
24 Aug 2023 — CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file La falla del disector CBOR en Wireshark 4.0.0 a 4.0.6 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19144 • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4511 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2023-4511
24 Aug 2023 — BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file El bucle infinito del disector BT SDP en Wireshark 4.0.0 a 4.0.7 y 3.6.0 a 3.6.15 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19258 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3649 – Buffer Over-read in Wireshark
https://notcve.org/view.php?id=CVE-2023-3649
14 Jul 2023 — iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19164 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-3648 – Mismatched Memory Management Routines in Wireshark
https://notcve.org/view.php?id=CVE-2023-3648
14 Jul 2023 — Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19105 • CWE-762: Mismatched Memory Management Routines •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-0667 – Wireshark MSMMS parsing buffer overflow
https://notcve.org/view.php?id=CVE-2023-0667
07 Jun 2023 — Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark Debido a un fallo en la validación de la longitud proporcionada por un atacante en un paquete manipulado MSMMS, Wireshark v4.0.5 y anteriores, en una configuración inusual, es susceptible a un desbordamiento de búfer de pila, y posiblemen... • https://gitlab.com/wireshark/wireshark/-/issues/19086 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2952 – wireshark: XRA dissector infinite loop
https://notcve.org/view.php?id=CVE-2023-2952
30 May 2023 — XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file El bucle infinito del disector XRA en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio mediante la inyección de paquetes o un archivo de captura manipulado A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a den... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2952.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2879 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-2879
26 May 2023 — GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file GDSDB bucle infinito en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de inyección de paquetes o archivo de captura manipulado Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-2855 – wireshark: Candump log file parser crash
https://notcve.org/view.php?id=CVE-2023-2855
25 May 2023 — Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file La falla del analizador de registros de Candump en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado A flaw was found in the Candump log file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. Multipl... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-2857 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-2857
25 May 2023 — BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos BLF en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.json • CWE-787: Out-of-bounds Write •