35 matches found
wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark
A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...
CVE-2026-5405
A flaw was found in the RDP protocol dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a heap-based buffer overflow, resulting in a denial of service or potentially in code execution. Mitigation If the RDP protocol dissector is n...
CVE-2026-6522
The CVE concerns a vulnerability in Wireshark’s RPKI-Router protocol dissector that can trigger an infinite loop, leading to a denial of service. Affected versions are Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14. The root cause is an infinite loop in the dissector when processing RPKI-Router data. The...
PT-2026-21913
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.4.0 through 4.4.13 Wireshark versions 4.6.0 through 4.6.3 Description The USB HID protocol dissector in Wireshark is susceptible to memory exhaustion, potentially leading to a denial of service. The issue occurs when...
CVE-2025-13945
A flaw was found in the HTTP3 dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of CPU and memory resources, resulting in a denial of service. Mitigation If the HTTP3 protocol dissector is not being used,...
Linux Distros Unpatched Vulnerability : CVE-2025-11626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service CVE-2025-11626 Note that Nessus relies on the presence of...
SUSE CVE-2006-5740
Unspecified vulnerability in the LDAP dissector in Wireshark formerly Ethereal 0.99.3 allows remote attackers to cause a denial of service crash via a crafted LDAP packet...
SUSE CVE-2012-1596
The mp2tprocessfragmentedpayload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service application crash via a packet containing an invalid pointer value that triggers an incorre...
SUSE CVE-2015-8713
epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service out-of-bounds memory access and application crash via a crafted packet...
SUSE CVE-2016-5351
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOLRSNKEY, which allows remote attackers to cause a denial of service application crash via a crafted packet...
SUSE CVE-2020-8036
The tok2strbuf function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way...
The vulnerability in the 6LoWPAN dissector of the Wireshark network traffic analysis tool is related to insufficient validation of input data. This allows a hacker to trigger a service failure.
The vulnerability in the 6LoWPAN dissector of the Wireshark network traffic analyzer program is related to the failure to use a virtual buffer for testing before calling the dissector. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
UBUNTU-CVE-2016-7178
epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service invalid write access and application crash via a crafted packet...
The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.
The vulnerability exists in the srtpaddaddress function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark, due to an incorrect update of the SRTP dialog data. Exploiting this vulnerability allows malicious actors operating remotely to cause a service failure abrupt termination of ...
DEBIAN-CVE-2016-4416
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet...
UBUNTU-CVE-2016-4082
epan/dissectors/packet-gsmcbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service out-of-bounds access and application crash via a crafted packet...
DEBIAN-CVE-2015-3182
epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service application crash via a crafted packet...
DEBIAN-CVE-2015-4652
epan/dissectors/packet-gsmadtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service application crash via a crafted packet, related to the deemergnumlist and debcdnum functions...
UBUNTU-CVE-2014-2907
The srtpaddaddress function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service application crash via a crafted packet...
wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)
Integer overflow in the dissectiscsipdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service infinite loop via a malformed packet...