EUVD-2026-26463

Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution...

EUVD-2026-26332

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

EUVD-2026-26327

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7378 Heap-based Buffer Overflow in Wireshark

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

PT-2026-36057

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the MBIM protocol dissector can lead to a denial of service. Recommendations At the moment, there is no information about a newer...

PT-2026-36042

Name of the Vulnerable Software and Affected Versions sharkd versions 4.4.0 through 4.4.14 sharkd versions 4.6.0 through 4.6.4 Description A crash in the software allows for a denial of service, which occurs when the system becomes unavailable to its intended users. Recommendations At the moment,...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

CVE-2026-27316

The CVE-2026-27316 entry describes an insufficiently protected credentials vulnerability affecting Fortinet FortiSandbox: 5.0.0–5.0.5, FortiSandbox 4.4 (all versions), and FortiSandbox PaaS 5.0.1–5.0.5. Root cause: credentials stored or exposed in a way that can be read via client-side inspection...

CVE-2026-33869

Mastodon vulnerability CVE-2026-33869 affects the 4.5.x branch (before 4.5.8) and the 4.4.x branch (before 4.4.15). An attacker who knows of a quote before it reaches a server can cause the server to misprocess it, resulting in a denial of service for quote authorization. The issue does not affec...

PT-2026-28542

Name of the Vulnerable Software and Affected Versions Mastodon versions 4.5.0 through 4.5.7 Mastodon versions 4.4.0 through 4.4.14 Description Mastodon is a free, open-source social network server based on ActivityPub. An attacker who is aware of a quote before it has reached a server can prevent...

SUSE CVE-2026-3203

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

Wireshark Security Update (wnpa-sec-2025-04) - Linux

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

Wireshark Security Update (wnpa-sec-2025-04) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

EUVD-2015-7710

Malware in sbrugna...

Best Practical RT 跨站脚本漏洞

Best Practical RT is a request tracker from Best Practical, Inc. A cross-site scripting vulnerability exists in Best Practical RT versions 4.4 through 4.4.7 and 5.0 through 5.0.7, which stems from the injection of specially crafted parameters in the search URL that could lead to cross-site...

B&R Industrial Automation B&R APROL 安全漏洞

B&R Industrial Automation B&R APROL is a process control system from B&R Industrial Automation, Austria. A security vulnerability exists in B&R Industrial Automation B&R APROL versions prior to 4.4-00P5, which stems from insufficient script processing privileges and could allow an authenticated...

shadow-utils 安全漏洞

shadow-utils is an open source package from shadow-maint. A security vulnerability exists in shadow-utils versions 4.4 through 4.17.0, which stems from the fact that the default /etc/subuid configuration may conflict with the UIDs of local network users, leading to a risk of account takeover...

CVE-2023-4728 LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Missing Authorization on publish_lp()

The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the publishlp function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and abov...

WordPress plugin Team Member – Team with Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

PT-2023-19101 · WordPress · Team With Slider

Name of the Vulnerable Software and Affected Versions: Sk. Abul Hasan Team Member – Team with Slider plugin versions = 4.4 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website...