wireshark: Heap-based Buffer Overflow in Wireshark

A flaw was found in the RDP protocol dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a heap-based buffer overflow, resulting in a denial of service or potentially in code execution...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound when decoding malformed MQTT packets, due to improper validation of the Remaining Length. An attacker can cause the broker to misinterpret payloads as multiple MQTT control packets by sending malicious...

PT-2025-39269

Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description An information disclosure issue exists while decoding an RTP packet received by a User Equipment UE from the network. This occurs when the payload length indicated in the packe...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets, which stems from an improper header length when decoding RTP packets could lead to information disclosure...

CVE-2021-43612

CVE-2021-43612 affects lldpd prior to version 1.0.13. In the sonmp_decode function, decoding short SONMP packets can trigger an out-of-bounds heap read. The vulnerability impacts the lldpd component and can lead to heap memory access violations; no exploitation details are provided in the availab...

Wolfssl 缓冲区错误漏洞

Wolfssl CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from Wolfssl, USA. A buffer error vulnerability exists in Wolfssl wolfMQTT that stems from the product's failure to properly determine memory boundaries when calling MqttDecodePublish from...

USN-3873-1 openvswitch vulnerabilities

It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. CVE-2018-17204 It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote...

freeradius: Infinite read in dhcp_attr2vp()

An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request...

USN-3369-1 freeradius vulnerabilities

Guido Vranken discovered that FreeRADIUS incorrectly handled memory when decoding packets. A remote attacker could use this issue to cause FreeRADIUS to crash or hang, resulting in a denial of service, or possibly execute arbitrary code...

gnutls DoS

Out-of-bounds read on packet decoding...

Wireshark 1.4.9 & Wireshark 1.6.2 updated version released

Wireshark 1.4.9 & Wireshark 1.6.2 updated version released Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. The following bugs have been fixed: configure ignores partially LDFLAGS. Bug 5607 Build fails when it...

broadcast-listener NSE Script

Sniffs the network for incoming broadcast communication and attempts to decode the received packets. It supports protocols like CDP, HSRP, Spotify, DropBox, DHCP, ARP and a few more. See packetdecoders.lua for more information. The script attempts to sniff all ethernet based interfaces with an IP...

RHEL 2.1 : tcpdump (RHSA-2003:033)

Updated tcpdump, libpcap, and arpwatch packages are available to fix an incorrect bounds check when decoding BGP packets and a possible denial of service. Tcpdump is a command-line tool for monitoring network traffic. The BGP decoding routines in tcpdump before version 3.6.2 used incorrect bounds...