| CVE-2021-39929 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Bluetooth DHT packet onto the wire or by convincing someone to... |
| CVE-2021-39928 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed IEEE 802.11 packet onto the wire or by convincing someone to read... |
| CVE-2021-39926 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Bluetooth HCI_ISO packet onto the wire or by convincing someone to... |
| CVE-2021-39925 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Bluetooth SDP packet onto the wire or by convincing someone to... |
| CVE-2021-39924 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 consume excessive CPU resources by injecting a malformed Bluetooth DHT packet onto the wire or by... |
| CVE-2021-39922 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed C12.22 packet onto the wire or by convincing someone to read a... |
| CVE-2021-39921 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed Modbuss packet onto the wire or by convincing someone to read a... |
| CVE-2021-39920 |
AVG-2564 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.10 crash by injecting a malformed IPPUSB packet onto the wire or by convincing someone to read a... |
| CVE-2021-22235 |
AVG-2160 |
Low |
Yes |
Denial of service |
It may be possible to make Wireshark before version 3.4.7 crash by injecting a malformed DNP3 packet onto the wire or by convincing someone to read a... |
| CVE-2021-22222 |
AVG-2037 |
Low |
Yes |
Denial of service |
An infinite loop in the DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows a denial of service via packet injection or a crafted capture file. |
| CVE-2021-22207 |
AVG-1864 |
Low |
Yes |
Denial of service |
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or a crafted... |
| CVE-2021-22174 |
AVG-1510 |
Low |
Yes |
Denial of service |
A denial of service has been found in Wireshark before 3.4.3, in the USB HID dissector. It can be triggered by injecting a malformed packet onto the wire or... |
| CVE-2021-22173 |
AVG-1510 |
Low |
Yes |
Denial of service |
A memory leak leading to denial of service has been found in Wireshark before 3.4.3, in the USB HID dissector. It can be triggered by injecting a malformed... |
| CVE-2020-28030 |
AVG-1258 |
Low |
Yes |
Denial of service |
A resource exhaustion issue has been found in the GQUIC decoder of Wireshark before 3.2.8. |
| CVE-2020-26422 |
AVG-1377 |
Medium |
Yes |
Denial of service |
A buffer overflow in the QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or a crafted capture file. |
| CVE-2020-26421 |
AVG-1352 |
Medium |
Yes |
Denial of service |
A crash in the USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection... |
| CVE-2020-26420 |
AVG-1352 |
Medium |
Yes |
Denial of service |
A memory leak in the RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or a crafted capture file. |
| CVE-2020-26419 |
AVG-1352 |
Medium |
Yes |
Denial of service |
A memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or a crafted capture file. |
| CVE-2020-26418 |
AVG-1352 |
Medium |
Yes |
Denial of service |
A memory leak in the Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or a crafted capture file. |
| CVE-2020-15466 |
AVG-1198 |
Low |
Yes |
Denial of service |
An infinite loop has been found in the GVCP dissector of Wireshark before 3.2.5. It may be possible to make Wireshark consume excessive CPU resources by... |
| CVE-2020-11647 |
AVG-1129 |
Critical |
Yes |
Arbitrary code execution |
A stack overflow has been found in the fAbstractSyntaxNType function of the BACApp dissector of Wireshark versions prior to 3.2.3, which could be triggered... |
| CVE-2019-5719 |
AVG-844 |
Low |
Yes |
Denial of service |
A NULL-pointer dereference has been found in the ISAKMP dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed... |
| CVE-2019-5718 |
AVG-844 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the RTSE dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed packet... |
| CVE-2019-5717 |
AVG-844 |
Low |
Yes |
Denial of service |
A NULL-pointer dereference has been found in the P_MUL dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed... |
| CVE-2019-5716 |
AVG-844 |
Low |
Yes |
Denial of service |
An assertion failure has been found in the 6LoWPAN dissector of Wireshark versions prior to 2.6.6, which could be triggered by injecting a malformed packet... |
| CVE-2018-19628 |
AVG-825 |
Low |
Yes |
Denial of service |
A divide-by-zero error has been found in the ZigBee ZCL dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed... |
| CVE-2018-19627 |
AVG-825 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the IxVeriWave file parser of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed... |
| CVE-2018-19626 |
AVG-825 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the DCOM dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed packet... |
| CVE-2018-19625 |
AVG-825 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the dissection engine of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed packet... |
| CVE-2018-19624 |
AVG-825 |
Low |
Yes |
Denial of service |
A NULL-pointer dereference has been found in the PVFS dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a malformed... |
| CVE-2018-19623 |
AVG-825 |
Critical |
Yes |
Arbitrary code execution |
A heap-based out-of-bounds write has been found in the LBMPDM dissector of Wireshark versions prior to 2.6.5, which could be triggered by injecting a... |
| CVE-2018-19622 |
AVG-825 |
Low |
Yes |
Denial of service |
A security issue has been found in the MMSE dissector of Wireshark versions prior to 2.6.5, which could be made to consume excessive CPU resources by... |
| CVE-2018-18227 |
AVG-779 |
Low |
Yes |
Denial of service |
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the MS-WSP dissector where an invalid type could lead to an assertion failure. This could be... |
| CVE-2018-18226 |
AVG-779 |
Low |
Yes |
Denial of service |
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the Steam IHS Discovery dissector where dynamically allocated memory was not properly freed... |
| CVE-2018-18225 |
AVG-779 |
Low |
Yes |
Denial of service |
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the CoAP dissector where an invalid frame could lead to NULL-pointer dereference. This could... |
| CVE-2018-12086 |
AVG-779 |
High |
Yes |
Arbitrary code execution |
A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the OpcUa dissector where a specially crafted structured request could lead to stack... |
| CVE-2018-11362 |
AVG-708 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the LDSS dissector of Wireshark <= 2.6.0. |
| CVE-2018-11361 |
AVG-708 |
Low |
Yes |
Denial of service |
A heap-based out-of-bounds read has been found in the IEEE 802.11 dissector of Wireshark <= 2.6.0. |
| CVE-2018-11360 |
AVG-708 |
Critical |
Yes |
Arbitrary code execution |
A heap-based off-by-one write has been found in the GSM A DTAP dissector of Wireshark <= 2.6.0. |
| CVE-2018-11359 |
AVG-708 |
Low |
Yes |
Denial of service |
A null-pointer dereference has been found in several dissectors of Wireshark <= 2.6.0. |
| CVE-2018-11358 |
AVG-708 |
Critical |
Yes |
Arbitrary code execution |
A heap-based use-after-free has been found in the Q.931 dissector of Wireshark <= 2.6.0. |
| CVE-2018-11357 |
AVG-708 |
Low |
Yes |
Denial of service |
An integer overflow leading to excessive memory allocation has been found in several dissectors of Wireshark <= 2.6.0. |
| CVE-2018-11356 |
AVG-708 |
Low |
Yes |
Denial of service |
A null-pointer dereference has been found in the DNS dissector of Wireshark <= 2.6.0. |
| CVE-2018-11355 |
AVG-708 |
Critical |
Yes |
Arbitrary code execution |
A heap-based buffer overflow has been found in the RTCP dissector of Wireshark <= 2.6.0. |
| CVE-2018-11354 |
AVG-708 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the IEEE 1905.1a dissector of Wireshark <= 2.6.0. |
| CVE-2017-15193 |
AVG-440 |
Medium |
Yes |
Denial of service |
A flaw has been discovered in wireshark before 2.4.2 in the MBIM dissector when pre sizing wmem arrays leading to resource consumption and application crash... |
| CVE-2017-15192 |
AVG-440 |
Medium |
Yes |
Denial of service |
A flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector leading to application crash by injecting a malformed packet onto the wire or... |
| CVE-2017-15191 |
AVG-440 |
Medium |
Yes |
Denial of service |
A length check flaw has been discovered in wireshark before 2.4.2 in the BT ATT dissector when 7bit strings were decoded leading to application crash by... |
| CVE-2017-15190 |
AVG-440 |
Medium |
Yes |
Denial of service |
A stack pointer use after scope flaw has been discovered in wireshark before 2.4.2 in the RTSP dissector leading to application crash by injecting a... |
| CVE-2017-15189 |
AVG-440 |
Medium |
Yes |
Denial of service |
An infinite loop flaw has been discovered in wireshark before 2.4.2 in the DOCSIS dissector leading to excessive consumption of CPU resources by injecting a... |
| CVE-2017-11411 |
AVG-356 |
Low |
Yes |
Denial of service |
A security issue has been found in the openSAFETY dissector of wireshark <= 2.2.7. A crafted packet could make wireshark allocate a huge amount of memory,... |
| CVE-2017-11410 |
AVG-356 |
Low |
Yes |
Denial of service |
A security issue has been found in the WBXML dissector of wireshark <= 2.2.7. A crafted packet could make wireshark go into an infinite loop, causing a... |
| CVE-2017-11408 |
AVG-356 |
Low |
Yes |
Denial of service |
A security issue has been found in the AMQP dissector of wireshark <= 2.2.7. A crafted packet could make wireshark overflow the stack by getting into a... |
| CVE-2017-11407 |
AVG-356 |
Low |
Yes |
Denial of service |
A security issue has been found in the MQ dissector of wireshark <= 2.2.7. A crafted packet could make wireshark try to allocate a huge amount of memory,... |
| CVE-2017-11406 |
AVG-356 |
Low |
Yes |
Denial of service |
A security issue has been found in the DOCSIS dissector of wireshark <= 2.2.7. A crafted packet could make wireshark go into an infinite loop, causing a... |
| CVE-2017-9354 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the RGMP dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into... |
| CVE-2017-9353 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the IPv6 dissector of Wireshark < 2.2.7, where a NULL pointer dereference can be triggered by injecting a malicious packet into... |
| CVE-2017-9352 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the bazaar dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire... |
| CVE-2017-9351 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the DHCP dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet... |
| CVE-2017-9350 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the openSAFETY dissector of Wireshark < 2.2.7, where an over-sized memory allocation can be triggered by injecting a malicious... |
| CVE-2017-9349 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the DICOM dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire... |
| CVE-2017-9348 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the DOF dissector of Wireshark < 2.2.7, where a heap-based out-of-bounds read can be triggered by injecting a malicious packet... |
| CVE-2017-9347 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the ROS dissector of Wireshark < 2.2.7, where an NULL pointer dereference can be triggered by injecting a malicious packet into... |
| CVE-2017-9346 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the SoulSeek dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the... |
| CVE-2017-9345 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the DNS dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire or... |
| CVE-2017-9344 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the BT L2CAP dissector of Wireshark < 2.2.7, where a division by zero can be triggered by injecting a malicious packet into the... |
| CVE-2017-9343 |
AVG-287 |
Low |
Yes |
Denial of service |
An issue has been found in the MSNIP dissector of Wireshark < 2.2.7, where NULL pointer dereference can be triggered by injecting a malicious packet into... |
| CVE-2017-7702 |
AVG-356 |
Low |
Yes |
Denial of service |
A security issue has been found in the WBXML dissector of wireshark <= 2.2.7. It is possible to make Wireshark consume excessive CPU resources by injecting... |
| CVE-2017-5596 |
AVG-225 |
Medium |
Yes |
Denial of service |
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture... |
| CVE-2016-9376 |
AVG-78 |
Medium |
Yes |
Denial of service |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file.... |
| CVE-2016-9375 |
AVG-78 |
Medium |
Yes |
Denial of service |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was... |
| CVE-2016-9374 |
AVG-78 |
Medium |
Yes |
Denial of service |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file.... |
| CVE-2016-9373 |
AVG-78 |
High |
Yes |
Arbitrary code execution |
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This... |
| CVE-2016-7180 |
AVG-3 |
Medium |
Yes |
Denial of service |
It may be possible to make Wireshark crash via the IPMI Trace dissector by injecting a malformed packet onto the wire or by convincing someone to read a... |
| CVE-2016-7179 |
AVG-3 |
Medium |
Yes |
Denial of service |
It may be possible to make Wireshark crash via the Catapult DCT2000 dissector by injecting a malformed packet onto the wire or by convincing someone to read... |
| CVE-2016-7178 |
AVG-3 |
Medium |
Yes |
Denial of service |
It may be possible to make Wireshark crash via the UMTS FP dissector by injecting a malformed packet onto the wire or by convincing someone to read a... |
| CVE-2016-7177 |
AVG-3 |
Medium |
Yes |
Denial of service |
It may be possible to make Wireshark crash via the Catapult DCT2000 dissector by injecting a malformed packet onto the wire or by convincing someone to read... |
| CVE-2016-7176 |
AVG-3 |
Medium |
Yes |
Denial of service |
It may be possible to make Wireshark crash via the H.225 dissector by injecting a malformed packet onto the wire or by convincing someone to read a... |
| CVE-2016-7175 |
AVG-3 |
Medium |
Yes |
Denial of service |
It may be possible to make Wireshark crash via the QNX6 QNET dissector by injecting a malformed packet onto the wire or by convincing someone to read a... |