Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: wireshark (CVE-2024-4854)

The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4854 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to...

7.5CVSS6.7AI score0.00811EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.35 views

SUSE SLED15: libwireshark17 / libwiretap14 / libwsutil15 / wireshark / etc (SUSE-SU-2024:3165-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3165-1 advisory. wireshark was updated from version 3.6.23 to version 4.2.6 jscPED-8517: - Security issues fixed...

7.8CVSS6.6AI score0.03456EPSS
Exploits7References34
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.16 views

openSUSE Security Advisory (SUSE-SU-2024:1865-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.00811EPSS
Exploits2References6
OSV
OSV
added 2024/07/02 8:14 a.m.20 views

SUSE-SU-2024:2265-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 3.6.22: - CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops bsc1224274 - CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet bsc1224259 - CVE-2024-4855: Th...

7.5CVSS5.4AI score0.00811EPSS
Exploits2References7
Veracode
Veracode
added 2024/05/23 11:16 a.m.17 views

Denial Of Service (DOS)

Wireshark is vulnerable to Denial Of Service DOS. The vulnerability is due to MONGO and ZigBee TLV dissector infinite loops resulting in Unreachable Exit Condition via packet injection or crafted capture file...

7.5CVSS7.3AI score0.00811EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2024/05/16 2:23 a.m.3 views

SUSE CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

5.7CVSS7AI score0.00811EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/05/15 10:24 p.m.51 views

CVE-2024-4854

A flaw was found in the MONGO and ZigBee TLV dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently...

6.5CVSS6.1AI score0.00811EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2024/05/15 12:0 a.m.9 views

KLA67586 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in MONGO and ZigBee TLV dissectors can be exploited to cause denial of service. 2. Denial...

7.5CVSS5.8AI score0.00811EPSS
Exploits1References4
OSV
OSV
added 2024/05/14 3:45 p.m.5 views

AZL-42564 CVE-2024-4854 affecting package wireshark for versions less than 4.4.7-1

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file...

7.5CVSS7.1AI score0.00811EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 12:3 a.m.81 views

CVE-2024-4854

CVE-2024-4854 – Wireshark dissector infinite loop Affected: Wireshark versions 3.6.0–3.6.22, 4.0.0–4.0.14, and 4.2.0–4.2.4, where the MONGO and ZigBee TLV dissectors can enter infinite loops. This can enable a denial-of-service via crafted capture files or packet injection. Multiple connected adv...

7.5CVSS6.5AI score0.00811EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2024/01/03 5:3 p.m.31 views

CVE-2024-0210

A flaw was found in the TLV dissector of Wireshark. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file...

5.5CVSS7.4AI score0.0047EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/03 7:31 a.m.29 views

CVE-2024-0210 Uncontrolled Recursion in Wireshark

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

7.8CVSS7.8AI score0.0047EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/01/03 7:31 a.m.2 views

CVE-2024-0210 Uncontrolled Recursion in Wireshark

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file...

7.8CVSS7.8AI score0.0047EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/01/03 12:0 a.m.3 views

PT-2024-15387 · Wireshark +1 · Wireshark +1

Name of the Vulnerable Software and Affected Versions: Wireshark version 4.2.0 Description: The issue allows for denial of service via packet injection or crafted capture file, specifically affecting the Zigbee TLV dissector in Wireshark. Recommendations: For Wireshark version 4.2.0, update to a...

7.8CVSS7.8AI score0.03456EPSS
Exploits9References77
Rows per page
Query Builder