CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0211 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-0211
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector DOCSIS en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19557 https://www.wireshark.org/security/wnpa-sec-2024-05.html • CWE-674: Uncontrolled Recursion CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0210 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2024-0210
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector Zigbee TLV en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19504 https://www.wireshark.org/security/wnpa-sec-2024-04.html • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2024-0209 – NULL Pointer Dereference in Wireshark
https://notcve.org/view.php?id=CVE-2024-0209
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file El fallo del disector IEEE 1609.2 en Wireshark 4.2.0, 4.0.0 a 4.0.11 y 3.6.0 a 3.6.19 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19501 https://www.wireshark.org/security/wnpa-sec-2024-02.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2024-0208 – Improper Handling of Missing Values in Wireshark
https://notcve.org/view.php?id=CVE-2024-0208
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file El fallo del disector GVCP en Wireshark 4.2.0, 4.0.0 a 4.0.11 y 3.6.0 a 3.6.19 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19496 https://lists.debian.org/debian-lts-announce/2024/02/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V https://www.wireshark.org/security/wnpa-sec-2024-01.html • CWE-230: Improper Handling of Missing Values CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-0207 – Out-of-bounds Read in Wireshark
https://notcve.org/view.php?id=CVE-2024-0207
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector HTTP3 en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19502 https://www.wireshark.org/security/wnpa-sec-2024-03.html • CWE-125: Out-of-bounds Read •