76 matches found
SUSE CVE-2024-0207
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207
A flaw was found in the HTTP3 dissector of Wireshark. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file...
CVE-2024-0207
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
Design/Logic Flaw
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207 Out-of-bounds Read in Wireshark
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207 Out-of-bounds Read in Wireshark
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207
CVE-2024-0207 affects Wireshark 4.2.0, where the HTTP3 dissector crashes, allowing denial of service via packet injection or crafted capture files. Evidence from multiple sources confirms the vulnerability in the HTTP3 parser with DoS impact (CVE-2024-0207). remediation: upgrade to Wireshark 4.2....
CVE-2024-0207
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207 Out-of-bounds Read in Wireshark
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
CVE-2024-0207
HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...
Wireshark 4.2.x < 4.2.1 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 4.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.2.1 advisory. - GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packe...
CVE-2023-36478
A flaw was found in Jetty http2-hpack and http3-qpack. If header values exceed the size limit and Huffman is the trueMetaDataBuilder.checkSize, the multiplication will overflow, and the length will become negative, causing a large buffer allocation on the server, leading to a Denial of Service Do...
org.eclipse.jetty.documentation:jetty-documentation (>=10.0.10 <=10.0.15), org.eclipse.jetty.http3:http3-client (>=10.0.10 <=10.0.15) +6 more potentially affected by CVE-2023-36478 via org.eclipse.jetty.http3:http3-qpack (>=10.0.10 <=10.0.15)
org.eclipse.jetty.http3:http3-qpack MAVEN version =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =10.0.10, =5.26.1, =5.27.0 Source cves: CVE-2023-36478 Source advisory: OSV:GHSA-WGH7-54F2-X98R...
CVE-2023-27491 Envoy forwards invalid Http2/Http3 downstream headers
Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed request...
BabyShark - Basic C2 Server
This is a basic C2 generic server written in Python and Flask. This code has based ideia to GTRS, which uses Google Translator as a proxy for sending commands to the infected host. The BabyShark project aims to centralize reverse connections with agents, creating a way to centralize several types...