SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2023:4938-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4938-1 advisory. - The NetScreen file parser could crash. It may be possible to make Wireshark crash by injecting a...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-440)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-440 advisory. SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file CVE-2023-6174 A heap based buffer overflow in Wireshark's NetScreen file...

Medium: wireshark

Issue Overview: SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file CVE-2023-6174 A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file...

Medium: wireshark

Issue Overview: A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted capture file. CVE-2023-6175 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...

Amazon Linux 2 : wireshark (ALAS-2023-2348)

The version of wireshark installed on the remote host is prior to 2.6.2-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2348 advisory. A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted...

Heap-based Buffer Overflow

wireshark is vulnerable to Heap-based Buffer Overflow. The vulnerability is caused due to a component NetScreen file parser which could crash. An attacker can crash Wireshark by injecting a malformed packet onto the wire or making a user to read a malformed packet trace file...

Debian DSA-5559-1 : wireshark - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5559 advisory. A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the executio...

Wireshark 3.6.x < 3.6.19 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.6.19. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.6.19 advisory. - The NetScreen file parser could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto...

wireshark security update

1:3.4.10-6 - Resolves: 2211413 - XRA dissector infinite loop 1:3.4.10-5 - Resolves: 2210864 - Candump log file parser crash Resolves: 2210865 - VMS TCPIPtrace file parser crash Resolves: 2210868 - NetScaler file parser crash Resolves: 2210870 - RTPS dissector crash Resolves: 2210871 - IEEE C37.11...

QNAP QTS / QuTS hero Multiple Vulnerabilities in ClamAV (QSA-23-26)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-26 advisory. - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7and earlier could allow an...

SUSE: Security Advisory (SUSE-SU-2023:3456-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-4041 Second Stage Gecko Bootloader GBL Parser Buffer Overrun Vulnerability

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...

CVE-2023-4041 Second Stage Gecko Bootloader GBL Parser Buffer Overrun Vulnerability

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...

CVE-2023-4041

Silicon Labs Gecko Bootloader (ARM) contains a Buffer Copy without Checking Size ('Classic Buffer Overflow') along with an Out-of-bounds Write and Download of Code Without Integrity Check in its Firmware Update File Parser. This vulnerability may allow Code Injection and Authentication Bypass in ...

UBUNTU-CVE-2020-24293

Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 r1859 allows remote attackers to run arbitrary code via opening of crafted psd file...

UBUNTU-CVE-2020-24294

Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 r1859 allows remote attackers to cuase a denial of service via opening of crafted psd file...

clamav -- Possible denial of service vulnerability in the AutoIt file parser

The ClamAV project reports: There is a possible denial of service vulnerability in the AutoIt file parser...

Denial Of Service (DoS)

wireshark is vulnerable to Denial Of Service DoS. The vulnerability exists through the BLF file parser in the library, allowing an attacker to cause an application crash via maliciously crafted file...

Denial Of Service (DoS)

wireshark is vulnerable to Denial Of Service DoS. The vulnerability exists through the BLF file parser in the library, allowing an attacker to cause an application crash via maliciously crafted file...

OESA-2023-1388 iniparser security update

This modules offers parsing of ini files from the C level. See a complete documentation in HTML format, from this directory open the file html/index.html with any HTML-capable browser. Security Fixes: iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparsergetlongint which...