Page 5 of 38 results (0.018 seconds)

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. Debido a un fallo en la validación de la longitud proporcionada por un atacante de paquetes manipulados RTPS, Wireshark v4.0.5 y anteriores, por defecto, es susceptible a un desbordamiento de búfer de pila y posiblemente la ejecución de código en el contexto del proceso que ejecuta Wireshark. A flaw was found in the RTPS dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. • https://gitlab.com/wireshark/wireshark/-/issues/19085 https://security.gentoo.org/glsa/202309-02 https://takeonme.org/cves/CVE-2023-0666.html https://www.debian.org/security/2023/dsa-5429 https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html https://www.wireshark.org/security/wnpa-sec-2023-18.html https://access.redhat.com/security/cve/CVE-2023-0666 https://bugzilla.redhat.com/show_bug.cgi?id=2210832 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos BLF en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.json https://gitlab.com/wireshark/wireshark/-/issues/19063 https://security.gentoo.org/glsa/202309-02 https://www.debian.org/security/2023/dsa-5429 https://www.wireshark.org/security/wnpa-sec-2023-13.html • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos BLF en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. A flaw was found in the NetScaler file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json https://gitlab.com/wireshark/wireshark/-/issues/19081 https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html https://security.gentoo.org/glsa/202309-02 https://www.debian.org/security/2023/dsa-5429 https://www.wireshark.org/security/wnpa-sec-2023-15.html https://access.redhat.com/security/cve/CVE-2023-2858 https://bugzilla.redhat.com/show_bug.cgi?id=2210829 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file El fallo del analizador de archivos VMS TCPIPtrace en Wireshark 4.0.0 a 4.0.5 y 3.6.0 a 3.6.13 permite la denegación de servicio a través de un archivo de captura manipulado. A flaw was found in the VMS TCPIPtrace file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2856.json https://gitlab.com/wireshark/wireshark/-/issues/19083 https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html https://security.gentoo.org/glsa/202309-02 https://www.debian.org/security/2023/dsa-5429 https://www.wireshark.org/security/wnpa-sec-2023-16.html https://access.redhat.com/security/cve/CVE-2023-2856 https://bugzilla.redhat.com/show_bug.cgi?id=2210824 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. Debido a un fallo en la validación de la longitud proporcionada por un atacante de paquetes IEEE-C37.118, Wireshark v4.0.5 y anteriores, por defecto, es susceptible a un desbordamiento de búfer de la pila, y posiblemente la ejecución de código en el contexto del proceso que ejecuta Wireshark. A flaw was found in the IEEE C37.118 Synchrophasor dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service. • https://gitlab.com/wireshark/wireshark/-/issues/19087 https://security.gentoo.org/glsa/202309-02 https://takeonme.org/cves/CVE-2023-0668.html https://www.debian.org/security/2023/dsa-5429 https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html https://www.wireshark.org/security/wnpa-sec-2023-19.html https://access.redhat.com/security/cve/CVE-2023-0668 https://bugzilla.redhat.com/show_bug.cgi?id=2210835 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •