Wireshark

Wireshark

680 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-25863

Exploit
  • EPSS 0.25%
  • Published 06.10.2020 15:15:15
  • Last modified 21.11.2024 05:18:55

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

7.5

CVE-2020-25866

Exploit
  • EPSS 1.45%
  • Published 06.10.2020 15:15:15
  • Last modified 21.11.2024 05:18:56

In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasona...

7.5

CVE-2020-26575

  • EPSS 2.23%
  • Published 06.10.2020 15:15:15
  • Last modified 21.11.2024 05:20:06

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

6.5

CVE-2020-17498

Exploit
  • EPSS 0.23%
  • Published 13.08.2020 16:15:13
  • Last modified 21.11.2024 05:08:13

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

7.5

CVE-2020-15466

  • EPSS 0.63%
  • Published 05.07.2020 11:15:09
  • Last modified 21.11.2024 05:05:33

In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.

7.5

CVE-2020-13164

  • EPSS 1.83%
  • Published 19.05.2020 22:15:12
  • Last modified 21.11.2024 05:00:47

In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.

7.5

CVE-2020-11647

  • EPSS 1.67%
  • Published 10.04.2020 21:15:11
  • Last modified 21.11.2024 04:58:19

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.

7.5

CVE-2020-9431

Exploit
  • EPSS 4.4%
  • Published 27.02.2020 23:15:13
  • Last modified 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

7.5

CVE-2020-9428

Exploit
  • EPSS 8.18%
  • Published 27.02.2020 23:15:12
  • Last modified 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

7.5

CVE-2020-9429

  • EPSS 0.59%
  • Published 27.02.2020 23:15:12
  • Last modified 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.