Security Updates for Microsoft Visual Studio Products (June 2023)

The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. CVE-2023-24897 - A remote...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-197)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-197 advisory. Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version between 4.0.0 to 4.0.5, by default, is susceptible to a heap-based buffer overflow, and...

OESA-2023-1321 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices,and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful featur...

OESA-2023-1322 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices,and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols.It has many powerful feature...

OESA-2023-1319 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices,and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols.It has many powerful feature...

Tensoar IniParser 代码问题漏洞

Tensoar IniParser is a Javascript-based codebase for parsing Ini files from the individual developers at Tensoar. A security vulnerability exists in Tensoar IniParser version 4.1, which stems from a NULL pointer dereference issue in the iniparsergetlongint function...

SUSE-SU-2023:2320-1 Security update for wireshark

This update for wireshark fixes the following issues: Updated to version 3.6.14: - CVE-2023-2855: Fixed a crash in the Candump log file parser boo1211703. - CVE-2023-2856: Fixed a crash in the VMS TCPIPtrace file parser boo1211707. - CVE-2023-2857: Fixed a crash in the BLF file parser boo1211705....

Wireshark buffer overflow vulnerability (CNVD-2024-39273)

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from a security vulnerability that stems from a crash in the BLF file parser,...

CVE-2023-2854

A flaw was found in the BLF file parser of Wireshark. This issue occurs when decoding malformed packets from a PCAP file or the network, causing a buffer over-read, which results in a denial of service...

DEBIAN-CVE-2023-2857

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

DEBIAN-CVE-2023-2858

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

DEBIAN-CVE-2023-2854

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2854

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2856

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

Design/Logic Flaw

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

Design/Logic Flaw

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

SUSE CVE-2023-2857

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2857

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2854

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file...

CVE-2023-2858

The CVE-2023-2858 issue is a NetScaler file parser crash in Wireshark, reported for Wireshark versions 4.0.0–4.0.5 and 3.6.0–3.6.13, allowing a denial-of-service via crafted capture files. Connected advisories confirm the root cause is a parser crash in the NetScaler file parser within Wireshark....