Wireshark Foundation Wireshark vulnerabilities

83 known vulnerabilities affecting wireshark_foundation/wireshark.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH41MEDIUM41

Vulnerabilities

Page 4 of 5

CVE-2022-3724HIGHCVSS 7.5v>=3.6.0, <3.6.82022-12-09

CVE-2022-3724 [HIGH] CWE-134 CVE-2022-3724: Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via pac Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows

cvelistv5nvd

CVE-2022-3725HIGHCVSS 7.5v>=3.6.0, <3.6.82022-10-27

CVE-2022-3725 [HIGH] CWE-787 CVE-2022-3725: Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-0585MEDIUMCVSS 6.5v>=3.6.0, <3.6.2v>=3.4.0, <3.4.122022-02-18

CVE-2022-0585 [MEDIUM] CWE-834 CVE-2022-0585: Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow de Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-0582CRITICALCVSS 9.8v>=3.6.0, <3.6.2v>=3.4.0, <3.4.122022-02-14

CVE-2022-0582 [CRITICAL] CWE-476 CVE-2022-0582: Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 all Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-0586HIGHCVSS 7.5v>=3.6.0, <3.6.2v>=3.4.0, <3.4.122022-02-14

CVE-2022-0586 [HIGH] CWE-835 CVE-2022-0586: Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows den Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-0581HIGHCVSS 7.5v>=3.6.0, <3.6.2v>=3.4.0, <3.4.122022-02-14

CVE-2022-0581 [HIGH] CWE-416 CVE-2022-0581: Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2022-0583HIGHCVSS 7.5v>=3.6.0, <3.6.2v>=3.4.0, <3.4.122022-02-14

CVE-2022-0583 [HIGH] CWE-787 CVE-2022-0583: Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial o Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4186HIGHCVSS 7.5v>=3.4.0, <3.4.102021-12-30

CVE-2021-4186 [HIGH] CWE-476 CVE-2021-4186: Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet inje Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4182HIGHCVSS 7.5v=3.6.0v>=3.4.0, <3.4.102021-12-30

CVE-2021-4182 [HIGH] CWE-835 CVE-2021-4182: Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4184HIGHCVSS 7.5v=3.6.0v>=3.4.0, <3.4.102021-12-30

CVE-2021-4184 [HIGH] CWE-835 CVE-2021-4184: Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial o Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4190HIGHCVSS 7.5v=3.6.02021-12-30

CVE-2021-4190 [HIGH] CWE-834 CVE-2021-4190: Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection o Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4185HIGHCVSS 7.5v=3.6.0v>=3.4.0, <3.4.102021-12-30

CVE-2021-4185 [HIGH] CWE-835 CVE-2021-4185: Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4181HIGHCVSS 7.5v=3.6.0v>=3.4.0, <3.4.102021-12-30

CVE-2021-4181 [HIGH] CWE-125 CVE-2021-4181: Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-4183MEDIUMCVSS 5.5v=3.6.02021-12-30

CVE-2021-4183 [MEDIUM] CWE-125 CVE-2021-4183: Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file

cvelistv5nvd

CVE-2021-39922HIGHCVSS 7.5v>=3.4.0, <3.4.10v>=3.2.0, <3.2.182021-11-19

CVE-2021-39922 [HIGH] CWE-120 CVE-2021-39922: Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denia Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-39923HIGHCVSS 7.5v>=3.2.0, <3.2.18v>=3.4.0, <3.4.102021-11-19

CVE-2021-39923 [HIGH] CWE-834 CVE-2021-39923: Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of se Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-39925HIGHCVSS 7.5v>=3.4.0, <3.4.10v>=3.2.0, <3.2.182021-11-19

CVE-2021-39925 [HIGH] CWE-120 CVE-2021-39925: Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allow Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-39929HIGHCVSS 7.5v>=3.4.0, <3.4.10v>=3.2.0, <3.2.182021-11-19

CVE-2021-39929 [HIGH] CWE-674 CVE-2021-39929: Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.1 Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-39921HIGHCVSS 7.5v>=3.4.0, <3.4.10v>=3.2.0, <3.2.182021-11-19

CVE-2021-39921 [HIGH] CWE-476 CVE-2021-39921: NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allow NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2021-39926HIGHCVSS 7.5v>=3.4.0, <3.4.102021-11-19

CVE-2021-39926 [HIGH] CWE-120 CVE-2021-39926: Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of serv Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

← Previous4 / 5Next →