CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2023-2879 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-2879
26 May 2023 — GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file GDSDB bucle infinito en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de inyección de paquetes o archivo de captura manipulado Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-2854 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-2854
25 May 2023 — BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos BLF en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2854.json • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-2855 – wireshark: Candump log file parser crash
https://notcve.org/view.php?id=CVE-2023-2855
25 May 2023 — Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file La falla del analizador de registros de Candump en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado A flaw was found in the Candump log file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. Multipl... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2856 – wireshark: VMS TCPIPtrace file parser crash
https://notcve.org/view.php?id=CVE-2023-2856
25 May 2023 — VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos VMS TCPIPtrace en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. A flaw was found in the VMS TCPIPtrace file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of s... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2856.json • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-2857 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-2857
25 May 2023 — BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos BLF en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.json • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2858 – wireshark: NetScaler file parser crash
https://notcve.org/view.php?id=CVE-2023-2858
25 May 2023 — NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos BLF en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. A flaw was found in the NetScaler file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. Multiple vuln... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2023-0668 – Wireshark IEEE-C37.118 parsing buffer overflow
https://notcve.org/view.php?id=CVE-2023-0668
25 May 2023 — Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. Debido a un fallo en la validación de la longitud proporcionada por un atacante de paquetes IEEE-C37.118, Wireshark v4.0.5 y anteriores, por defecto, es susceptible a un desbordamiento de búfer de la pila, y posiblemente la ejecución de código en ... • https://gitlab.com/wireshark/wireshark/-/issues/19087 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-1992 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-1992
12 Apr 2023 — RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file El fallo del disector RPCoRDMA en Wireshark 4.0.0 a 4.0.4 y 3.6.0 a 3.6.12 permite la denegación de servicio mediante la inyección de paquetes o un archivo de captura manipulado. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1992.json • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-1993 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-1993
12 Apr 2023 — LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file El bucle grande del disector LISP en Wireshark 4.0.0 a 4.0.4 y 3.6.0 a 3.6.12 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1993.json • CWE-834: Excessive Iteration •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 1CVE-2023-1994 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-1994
12 Apr 2023 — GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file El fallo del disector GQUIC en Wireshark 4.0.0 a 4.0.4 y 3.6.0 a 3.6.12 permite la denegación de servicio mediante la inyección de paquetes o un archivo de captura manipulado. Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1994.json • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •