CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1492 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2025-1492
20 Feb 2025 — Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/20373 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11596 – Buffer Over-read in Wireshark
https://notcve.org/view.php?id=CVE-2024-11596
21 Nov 2024 — ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-15.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11595 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-11595
21 Nov 2024 — FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-14.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9781 – Improper Handling of Missing Values in Wireshark
https://notcve.org/view.php?id=CVE-2024-9781
10 Oct 2024 — AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-13.html • CWE-230: Improper Handling of Missing Values •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9780 – Missing Initialization of a Variable in Wireshark
https://notcve.org/view.php?id=CVE-2024-9780
10 Oct 2024 — ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file • https://www.wireshark.org/security/wnpa-sec-2024-12.html • CWE-456: Missing Initialization of a Variable •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8645 – Access of Uninitialized Pointer in Wireshark
https://notcve.org/view.php?id=CVE-2024-8645
10 Sep 2024 — SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19559 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8250 – Expired Pointer Dereference in Wireshark
https://notcve.org/view.php?id=CVE-2024-8250
28 Aug 2024 — NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19943 • CWE-825: Expired Pointer Dereference •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-4854 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-4854
14 May 2024 — MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file Los bucles infinitos de disección TLV de MONGO y ZigBee en Wireshark 4.2.0 a 4.2.4, 4.0.0 a 4.0.14 y 3.6.0 a 3.6.22 permiten la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19726 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2955 – Mismatched Memory Management Routines in Wireshark
https://notcve.org/view.php?id=CVE-2024-2955
26 Mar 2024 — T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file La falla del disector T.38 en Wireshark 4.2.0 a 4.0.3 y 4.0.0 a 4.0.13 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19695 • CWE-762: Mismatched Memory Management Routines •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6175 – Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
https://notcve.org/view.php?id=CVE-2023-6175
20 Nov 2023 — NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file La falla del analizador de archivos NetScreen en Wireshark 4.0.0 a 4.0.10 y 3.6.0 a 3.6.18 permite la denegación de servicio a través de un archivo de captura manipulado. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Wireshark. User interaction is required to exploit this vulnerability in that the target must open a specially craft... • https://gitlab.com/wireshark/wireshark/-/issues/19404 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •