38 results (0.027 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19559 https://www.wireshark.org/security/wnpa-sec-2024-10.html • CWE-824: Access of Uninitialized Pointer •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file • https://gitlab.com/wireshark/wireshark/-/issues/19943 https://www.wireshark.org/security/wnpa-sec-2024-11.html • CWE-825: Expired Pointer Dereference •

CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file Los bucles infinitos de disección TLV de MONGO y ZigBee en Wireshark 4.2.0 a 4.2.4, 4.0.0 a 4.0.14 y 3.6.0 a 3.6.22 permiten la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19726 https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 https://gitlab.com/wireshark/wireshark/-/merge_requests/15499 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ https://www.wireshark.org/security/wnpa-sec-2024-07.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file La falla del disector T.38 en Wireshark 4.2.0 a 4.0.3 y 4.0.0 a 4.0.13 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19695 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7TWJQKXOV4HYI5C4TWRKTN7B5YL7GTU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2MNS6EW2K2SSMN4YBGPZCC47KBDNEE https://www.wireshark.org/security/wnpa-sec-2024-06.html • CWE-762: Mismatched Memory Management Routines •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file El fallo del disector IEEE 1609.2 en Wireshark 4.2.0, 4.0.0 a 4.0.11 y 3.6.0 a 3.6.19 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19501 https://www.wireshark.org/security/wnpa-sec-2024-02.html • CWE-476: NULL Pointer Dereference •