Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (692 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-14340 3 Debian, Redhat, Wireshark 3 Debian Linux, Enterprise Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
CVE-2018-14339 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
CVE-2018-11362 3 Debian, Redhat, Wireshark 3 Debian Linux, Enterprise Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.
CVE-2018-11361 1 Wireshark 1 Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
CVE-2018-11360 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.
CVE-2018-11359 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.
CVE-2018-11358 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.
CVE-2018-11357 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
CVE-2018-11356 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
CVE-2018-11355 1 Wireshark 1 Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
CVE-2018-11354 1 Wireshark 1 Wireshark 2024-11-21 N/A
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
CVE-2024-9780 1 Wireshark 1 Wireshark 2024-10-17 7.8 High
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file