CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5371 – Memory Allocation with Excessive Size Value in Wireshark
https://notcve.org/view.php?id=CVE-2023-5371
04 Oct 2023 — RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file La pérdida de memoria del disector RTPS en Wireshark 4.0.0 a 4.0.8 y 3.6.0 a 3.6.16 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado. Multiple out-of-bounds read vulnerabilities have been discovered in Wireshark. Versions greater than or equal to 4.0.11 are affected. • https://gitlab.com/wireshark/wireshark/-/issues/19322 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-2906 – Wireshark CP2179 divide by zero
https://notcve.org/view.php?id=CVE-2023-2906
25 Aug 2023 — Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. Debido a un error al validar la longitud proporcionada por un paquete CP2179 creado por un atacante, las versiones de Wireshark 2.0.0 a 4.0.7 son susceptibles a una división por cero, lo que permite un ataque de denegación de servicio. • https://gitlab.com/wireshark/wireshark/-/issues/19229 • CWE-369: Divide By Zero •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-4513 – Missing Release of Memory after Effective Lifetime in Wireshark
https://notcve.org/view.php?id=CVE-2023-4513
24 Aug 2023 — BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file La pérdida de memoria del disector BT SDP en Wireshark 4.0.0 a 4.0.7 y 3.6.0 a 3.6.15 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19259 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4512 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2023-4512
24 Aug 2023 — CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file La falla del disector CBOR en Wireshark 4.0.0 a 4.0.6 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19144 • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4511 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2023-4511
24 Aug 2023 — BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file El bucle infinito del disector BT SDP en Wireshark 4.0.0 a 4.0.7 y 3.6.0 a 3.6.15 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19258 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3649 – Buffer Over-read in Wireshark
https://notcve.org/view.php?id=CVE-2023-3649
14 Jul 2023 — iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file This update for wireshark fixes the following issues. • https://gitlab.com/wireshark/wireshark/-/issues/19164 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-3648 – Mismatched Memory Management Routines in Wireshark
https://notcve.org/view.php?id=CVE-2023-3648
14 Jul 2023 — Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file This update for wireshark fixes the following issues. • https://gitlab.com/wireshark/wireshark/-/issues/19105 • CWE-762: Mismatched Memory Management Routines •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-0667 – Wireshark MSMMS parsing buffer overflow
https://notcve.org/view.php?id=CVE-2023-0667
07 Jun 2023 — Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark Debido a un fallo en la validación de la longitud proporcionada por un atacante en un paquete manipulado MSMMS, Wireshark v4.0.5 y anteriores, en una configuración inusual, es susceptible a un desbordamiento de búfer de pila, y posiblemen... • https://gitlab.com/wireshark/wireshark/-/issues/19086 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2952 – wireshark: XRA dissector infinite loop
https://notcve.org/view.php?id=CVE-2023-2952
30 May 2023 — XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file El bucle infinito del disector XRA en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio mediante la inyección de paquetes o un archivo de captura manipulado A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a den... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2952.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2879 – Debian Security Advisory 5429-1
https://notcve.org/view.php?id=CVE-2023-2879
26 May 2023 — GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file GDSDB bucle infinito en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de inyección de paquetes o archivo de captura manipulado Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •