CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-4854 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-4854
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file Los bucles infinitos de disección TLV de MONGO y ZigBee en Wireshark 4.2.0 a 4.2.4, 4.0.0 a 4.0.14 y 3.6.0 a 3.6.22 permiten la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19726 https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 https://gitlab.com/wireshark/wireshark/-/merge_requests/15499 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ https://www.wireshark.org/security/wnpa-sec-2024-07.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2955 – Mismatched Memory Management Routines in Wireshark
https://notcve.org/view.php?id=CVE-2024-2955
T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file La falla del disector T.38 en Wireshark 4.2.0 a 4.0.3 y 4.0.0 a 4.0.13 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19695 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7TWJQKXOV4HYI5C4TWRKTN7B5YL7GTU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2MNS6EW2K2SSMN4YBGPZCC47KBDNEE https://www.wireshark.org/security/wnpa-sec-2024-06.html • CWE-762: Mismatched Memory Management Routines •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0211 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-0211
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector DOCSIS en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19557 https://www.wireshark.org/security/wnpa-sec-2024-05.html • CWE-674: Uncontrolled Recursion CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0210 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2024-0210
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector Zigbee TLV en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19504 https://www.wireshark.org/security/wnpa-sec-2024-04.html • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2024-0209 – NULL Pointer Dereference in Wireshark
https://notcve.org/view.php?id=CVE-2024-0209
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file El fallo del disector IEEE 1609.2 en Wireshark 4.2.0, 4.0.0 a 4.0.11 y 3.6.0 a 3.6.19 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19501 https://www.wireshark.org/security/wnpa-sec-2024-02.html • CWE-476: NULL Pointer Dereference •