Wireshark Foundation Wireshark vulnerabilities

83 known vulnerabilities affecting wireshark_foundation/wireshark.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH41MEDIUM41

Vulnerabilities

Page 3 of 5

CVE-2023-2952MEDIUMCVSS 6.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-30

CVE-2023-2952 [MEDIUM] CWE-835 CVE-2023-2952: XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-2879HIGHCVSS 7.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-26

CVE-2023-2879 [HIGH] CWE-835 CVE-2023-2879: GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via pac GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-2854MEDIUMCVSS 6.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-26

CVE-2023-2854 [MEDIUM] CWE-787 CVE-2023-2854: BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via c BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

cvelistv5nvd

CVE-2023-2856MEDIUMCVSS 6.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-26

CVE-2023-2856 [MEDIUM] CWE-787 CVE-2023-2856: VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of se VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

cvelistv5nvd

CVE-2023-2857MEDIUMCVSS 6.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-26

CVE-2023-2857 [MEDIUM] CWE-787 CVE-2023-2857: BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via c BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

cvelistv5nvd

CVE-2023-2855MEDIUMCVSS 6.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-26

CVE-2023-2855 [MEDIUM] CWE-787 CVE-2023-2855: Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service vi Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

cvelistv5nvd

CVE-2023-2858MEDIUMCVSS 6.5v>=4.0.0, <4.0.6v>=3.6.0, <3.6.142023-05-26

CVE-2023-2858 [MEDIUM] CWE-787 CVE-2023-2858: NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

cvelistv5nvd

CVE-2023-1992HIGHCVSS 7.5v>=4.0.0, <4.0.5v>=3.6.0, <3.6.132023-04-12

CVE-2023-1992 [HIGH] CWE-400 CVE-2023-1992: RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service vi RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-1994MEDIUMCVSS 6.5v>=4.0.0, <4.0.5v>=3.6.0, <3.6.132023-04-12

CVE-2023-1994 [MEDIUM] CWE-400 CVE-2023-1994: GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via p GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-1993MEDIUMCVSS 6.5v>=4.0.0, <4.0.5v>=3.6.0, <3.6.132023-04-12

CVE-2023-1993 [MEDIUM] CWE-834 CVE-2023-1993: LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service v LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-1161HIGHCVSS 7.1v>=4.0.0, <4.0.4v>=3.6.0, <3.6.122023-03-06

CVE-2023-1161 [HIGH] CWE-120 CVE-2023-1161: ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denia ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0412HIGHCVSS 7.1v>=4.0.0, <4.0.3v>=3.6.0, <3.6.112023-01-26

CVE-2023-0412 [HIGH] CWE-404 CVE-2023-0412: TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service vi TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0414MEDIUMCVSS 6.5v>=4.0.0, <4.0.32023-01-26

CVE-2023-0414 [MEDIUM] CWE-404 CVE-2023-0414: Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0411MEDIUMCVSS 6.5v>=4.0.0, <4.0.3v>=3.6.0, <3.6.112023-01-26

CVE-2023-0411 [MEDIUM] CWE-834 CVE-2023-0411: Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows de Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0413MEDIUMCVSS 6.5v>=4.0.0, <4.0.3v>=3.6.0, <3.6.112023-01-26

CVE-2023-0413 [MEDIUM] CWE-404 CVE-2023-0413: Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service v Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0415MEDIUMCVSS 6.5v>=4.0.0, <4.0.3v>=3.6.0, <3.6.112023-01-26

CVE-2023-0415 [MEDIUM] CWE-404 CVE-2023-0415: iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service v iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0416MEDIUMCVSS 6.5v>=4.0.0, <4.0.3v>=3.6.0, <3.6.112023-01-26

CVE-2023-0416 [MEDIUM] CWE-404 CVE-2023-0416: GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2023-0417MEDIUMCVSS 6.5v>=4.0.0, <4.0.3v>=3.6.0, <3.6.112023-01-26

CVE-2023-0417 [MEDIUM] CWE-404 CVE-2023-0417: Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial o Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-4345MEDIUMCVSS 6.5v>=4.0.0, <4.0.2v>=3.6.0, <3.6.102023-01-12

CVE-2022-4345 [MEDIUM] CWE-835 CVE-2022-4345: Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-4344MEDIUMCVSS 4.3v>=4.0.0, <4.0.2v>=3.6.0, <3.6.102023-01-12

CVE-2022-4344 [MEDIUM] CWE-400 CVE-2022-4344: Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 all Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

← Previous3 / 5Next →