CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-13946 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2025-13946
03 Dec 2025 — MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service • https://gitlab.com/wireshark/wireshark/-/issues/20884 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-13499 – Access of Uninitialized Pointer in Wireshark
https://notcve.org/view.php?id=CVE-2025-13499
21 Nov 2025 — Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service • https://gitlab.com/wireshark/wireshark/-/issues/20823 • CWE-824: Access of Uninitialized Pointer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-11626 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2025-11626
10 Oct 2025 — MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service This update for wireshark fixes the following issues. Fixed MONGO dissector infinite loop. • https://gitlab.com/wireshark/wireshark/-/issues/20724 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-9817 – NULL Pointer Dereference in Wireshark
https://notcve.org/view.php?id=CVE-2025-9817
03 Sep 2025 — SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service These are all security issues fixed in the libwireshark18-4.4.9-2.1 package on the GA media of openSUSE Tumbleweed. • https://gitlab.com/wireshark/wireshark/-/issues/20642 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-5601 – Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
https://notcve.org/view.php?id=CVE-2025-5601
04 Jun 2025 — Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file Los fallos en el manejo de columnas en Wireshark 4.4.0 a 4.4.6 y 4.2.0 a 4.2.12 permiten la denegación de servicio mediante inyección de paquetes o un archivo de captura manipulado. These are all security issues fixed in the libwireshark18-4.4.7-1.1 package on the GA media of openSUSE Tumbleweed. • https://gitlab.com/wireshark/wireshark/-/issues/20509 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1492 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2025-1492
20 Feb 2025 — Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file A flaw was found in Wireshark. Bundle Protocol and CBOR dissector crashes in Wireshark allow denial of service via packet injection or crafted capture file. This update for wireshark fixes the following issues. Uncontrolled recursion leading to a stack buffer overflow can cause Bundle Protocol and CBOR dissector to crash. • https://gitlab.com/wireshark/wireshark/-/issues/20373 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11596 – Buffer Over-read in Wireshark
https://notcve.org/view.php?id=CVE-2024-11596
21 Nov 2024 — ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file This update for wireshark fixes the following issues. FiveCo RAP dissector infinite loop. ECMP dissector crash. • https://www.wireshark.org/security/wnpa-sec-2024-15.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11595 – Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
https://notcve.org/view.php?id=CVE-2024-11595
21 Nov 2024 — FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file This update for wireshark fixes the following issues. FiveCo RAP dissector infinite loop. ECMP dissector crash. • https://www.wireshark.org/security/wnpa-sec-2024-14.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9781 – Improper Handling of Missing Values in Wireshark
https://notcve.org/view.php?id=CVE-2024-9781
10 Oct 2024 — AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file These are all security issues fixed in the libwireshark18-4.4.1-1.1 package on the GA media of openSUSE Tumbleweed. • https://www.wireshark.org/security/wnpa-sec-2024-13.html • CWE-230: Improper Handling of Missing Values •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9780 – Missing Initialization of a Variable in Wireshark
https://notcve.org/view.php?id=CVE-2024-9780
10 Oct 2024 — ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file These are all security issues fixed in the libwireshark18-4.4.1-1.1 package on the GA media of openSUSE Tumbleweed. • https://www.wireshark.org/security/wnpa-sec-2024-12.html • CWE-456: Missing Initialization of a Variable •