cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-1492,https://securityvulnerability.io/vulnerability/CVE-2025-1492,Denial of Service Vulnerability in Wireshark by The Wireshark Foundation,"A vulnerability exists in Wireshark, specifically within the Bundle Protocol and CBOR dissectors. This flaw can lead to a Denial of Service condition due to crashes when processing specially crafted packet data or capture files. Users running Wireshark versions 4.4.0 through 4.4.3 and 4.2.0 through 4.2.10 are particularly at risk. Attackers can exploit this vulnerability through malicious packet injection, which may disrupt service and hinder network analysis capabilities.",Wireshark,Wireshark,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-20T01:30:46.055Z,0
CVE-2024-11596,https://securityvulnerability.io/vulnerability/CVE-2024-11596,Wireshark ECMP Dissector Denial of Service Vulnerability,"A vulnerability exists in Wireshark versions 4.4.0 through 4.4.1 and 4.2.0 through 4.2.8 that can lead to a denial of service. This flaw allows an attacker to inject malicious packets or craft a specific capture file that, when processed by the ECMP dissector in Wireshark, can cause the application to crash. This vulnerability poses a significant risk to users who rely on Wireshark for network analysis, as it can disrupt their ability to analyze network traffic. Immediate action is recommended to ensure systems remain secure and functional.",Wireshark,Wireshark,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-21T09:30:59.843Z,0
CVE-2024-11595,https://securityvulnerability.io/vulnerability/CVE-2024-11595,FiveCo RAP Dissector Denial of Service Vulnerability,"The Wireshark application experiences a vulnerability within the FiveCo RAP dissector, spanning versions 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8. This vulnerability allows an attacker to exploit an infinite loop condition, resulting in a denial of service. This can be achieved through packet injection or by utilizing a specially crafted capture file. Users are advised to apply the necessary updates or patches to mitigate the risk associated with this vulnerability. Compliance with security recommendations is crucial to maintaining robust network defenses.",Wireshark,Wireshark,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-21T09:30:54.899Z,0
CVE-2024-9781,https://securityvulnerability.io/vulnerability/CVE-2024-9781,AppleTalk Dissector Crash Allows Denial of Service via Packet Injection,A vulnerability present in Wireshark allows for denial of service through the AppleTalk and RELOAD Framing dissectors. This issue arises in versions 4.4.0 and 4.2.0 to 4.2.7 when malicious actors inject packets or utilize specially crafted capture files. Users of the affected versions are encouraged to upgrade their software to maintain optimal security and functionality. This vulnerability emphasizes the importance of securing network analysis tools against potential exploitation vectors.,Wireshark,Wireshark,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-10T06:30:54.729Z,0
CVE-2024-2955,https://securityvulnerability.io/vulnerability/CVE-2024-2955,T.38 Dissector Denial of Service Vulnerability in Wireshark,"A vulnerability in the T.38 dissector of Wireshark allows for a denial of service attack when an attacker injects specially crafted packets or uses a malicious capture file. Affected versions from 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 of Wireshark are susceptible to this issue, which can cause crashes and impede the application’s functionality. This presents a significant risk for users reliant on Wireshark for network analysis and monitoring.",Wireshark,Wireshark,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-26T20:02:08.419Z,0
CVE-2023-6175,https://securityvulnerability.io/vulnerability/CVE-2023-6175,NetScreen File Parser Denial of Service Vulnerability,"A vulnerability in Wireshark's handling of NetScreen file parsing can lead to a denial of service condition. This flaw is present in Wireshark versions 4.0.0 through 4.0.10 and 3.6.0 to 3.6.18. Attackers can exploit this vulnerability by crafting malicious capture files that trigger a crash when processed by Wireshark, potentially disrupting network analysis activities and impacting system availability.",Wireshark,Wireshark,7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-03-26T07:30:49.763Z,0
CVE-2024-0209,https://securityvulnerability.io/vulnerability/CVE-2024-0209,NULL Pointer Dereference in Wireshark,"A vulnerability exists within specific versions of Wireshark, linked to an IEEE 1609.2 dissector that can be exploited to cause a denial of service. Attackers can leverage packet injection or utilize specially crafted capture files to trigger a crash in the application. This could disrupt the operational capabilities of Wireshark, leading to significant risks for users relying on this essential network protocol analyzer.",Wireshark,Wireshark,7.8,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-01-03T08:15:00.000Z,0
CVE-2024-0207,https://securityvulnerability.io/vulnerability/CVE-2024-0207,Out-of-bounds Read in Wireshark,"A vulnerability in Wireshark, specifically in version 4.2.0, allows for a denial of service due to an HTTP3 dissector crash. This vulnerability can be exploited through packet injection or by utilizing a specially crafted capture file, potentially disrupting service availability. Users are encouraged to assess their environments for exposure to this vulnerability.",Wireshark,Wireshark,7.8,HIGH,0.0007800000021234155,false,,false,false,false,,,false,false,,2024-01-03T08:15:00.000Z,0
CVE-2024-0208,https://securityvulnerability.io/vulnerability/CVE-2024-0208,Improper Handling of Missing Values in Wireshark,"A vulnerability has been identified in multiple versions of Wireshark, specifically versions 4.2.0, as well as earlier versions starting from 3.6.0 up to 3.6.19, and from 4.0.0 up to 4.0.11. This issue is due to a crash in the GVCP dissector, which can be triggered through packet injection or the use of crafted capture files. Such manipulations may lead to a denial of service, which disrupts the operation of the application and can impact users' ability to analyze network traffic effectively. Immediate attention to updating to secure versions is recommended.",Wireshark,Wireshark,7.5,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-01-03T08:15:00.000Z,0
CVE-2024-0211,https://securityvulnerability.io/vulnerability/CVE-2024-0211,Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark,"A denial of service vulnerability has been identified in Wireshark 4.2.0, specifically affecting the DOCSIS dissector. The flaw allows attackers to trigger a crash by injecting malicious packets or using crafted capture files. Exploitation of this vulnerability can lead to service disruption, impacting the functionality of Wireshark for legitimate users. Users are advised to update to the latest version to mitigate the risk associated with this vulnerability.",Wireshark,Wireshark,7.5,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-01-03T08:15:00.000Z,0
CVE-2024-0210,https://securityvulnerability.io/vulnerability/CVE-2024-0210,Uncontrolled Recursion in Wireshark,"A vulnerability exists in the Wireshark application within the Zigbee TLV dissector, specifically in version 4.2.0. Attackers can exploit this vulnerability to cause a denial of service condition by injecting malicious packets or using specially crafted capture files. This may result in unexpected application crashes, impacting the availability of the service for legitimate users. Proper input validation measures should be implemented to prevent such scenarios.",Wireshark,Wireshark,7.8,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-01-03T08:15:00.000Z,0
CVE-2023-4511,https://securityvulnerability.io/vulnerability/CVE-2023-4511,Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark,"A vulnerability in the BT SDP dissector component of Wireshark versions 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 permits an attacker to exploit an infinite loop via packet injection or by using a specially crafted capture file. This can result in a denial of service, disrupting the operation of the affected instances of Wireshark. For further details, refer to the [official security advisory](https://www.wireshark.org/security/wnpa-sec-2023-24.html) and the [GitLab issue report](https://gitlab.com/wireshark/wireshark/-/issues/19258).",Wireshark,Wireshark,7.5,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2023-08-24T07:15:00.000Z,0
CVE-2023-4512,https://securityvulnerability.io/vulnerability/CVE-2023-4512,Uncontrolled Recursion in Wireshark,"The CBOR dissector in Wireshark versions 4.0.0 through 4.0.6 is subject to a vulnerability that can lead to a denial of service. This is achieved through packet injection or the use of a specially crafted capture file, which causes the application to crash. Users of these versions should promptly update to mitigate the risks associated with this vulnerability.",Wireshark,Wireshark,7.5,HIGH,0.0007800000021234155,false,,false,false,false,,,false,false,,2023-08-24T07:15:00.000Z,0
CVE-2023-4513,https://securityvulnerability.io/vulnerability/CVE-2023-4513,Missing Release of Memory after Effective Lifetime in Wireshark,"The Wireshark application, specifically versions 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15, is susceptible to a memory leak caused by the BT SDP dissector. This vulnerability allows attackers to exploit the application by injecting crafted packets or utilizing specially modified capture files, potentially leading to a denial of service scenario. Users and network administrators are advised to update to the latest versions to mitigate potential risks associated with this vulnerability.",Wireshark,Wireshark,7.5,HIGH,0.0007800000021234155,false,,false,false,false,,,false,false,,2023-08-24T07:15:00.000Z,0
CVE-2023-2879,https://securityvulnerability.io/vulnerability/CVE-2023-2879,Denial of Service through GDSDB Infinite Loop in Wireshark Software by The Wireshark Team,"The GDSDB infinite loop vulnerability found in Wireshark versions 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 can lead to a denial of service condition. This issue arises when an attacker exploits the flaw using either specially crafted packet injections or by providing a malicious capture file. As a result, affected systems may become unresponsive, impacting network monitoring and analysis capabilities. Users are encouraged to update to the latest versions to mitigate potential risks associated with this vulnerability.",Wireshark,Wireshark,7.5,HIGH,0.0015899999998509884,false,,false,false,false,,,false,false,,2023-05-26T00:00:00.000Z,0
CVE-2023-1992,https://securityvulnerability.io/vulnerability/CVE-2023-1992,Wireshark RPCoRDMA Dissector Vulnerability in Wireshark Versions 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12,"A vulnerability exists in the RPCoRDMA dissector of Wireshark, affecting versions 4.0.0 through 4.0.4 and 3.6.0 through 3.6.12. This flaw can result in a denial of service condition through the injection of malicious packets or specially crafted capture files. Attackers can exploit this vulnerability to crash the Wireshark application, potentially leading to disruption in network analysis activities and loss of data integrity.",Wireshark,Wireshark,7.5,HIGH,0.002319999970495701,false,,false,false,false,,,false,false,,2023-04-12T00:00:00.000Z,0
CVE-2023-1161,https://securityvulnerability.io/vulnerability/CVE-2023-1161,Denial of Service Vulnerability in Wireshark by The Wireshark Project,"A vulnerability in Wireshark's ISO 15765 and ISO 10681 dissectors can be triggered by attackers using specially crafted packets or capture files. This exploit can cause the application to crash, leading to a denial of service for users. Versions affected include Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11, making it imperative for users to upgrade to the patched versions to mitigate the risks of such attacks.",Wireshark,Wireshark,7.1,HIGH,0.0009200000204145908,false,,false,false,false,,,false,false,,2023-03-06T00:00:00.000Z,0
CVE-2023-0412,https://securityvulnerability.io/vulnerability/CVE-2023-0412,TIPC Dissector Crash in Wireshark Affected Versions from 4.0.0 to 4.0.2,"The TIPC dissector in Wireshark versions ranging from 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 is susceptible to a denial of service attack. This vulnerability can be exploited through the injection of malicious packets or by using specially crafted capture files. When triggered, this flaw can lead to unexpected crashes, potentially disrupting network analysis operations and revealing security risks.",Wireshark,Wireshark,7.1,HIGH,0.0018599999602884054,false,,false,false,false,,,false,false,,2023-01-26T21:18:00.000Z,0
CVE-2022-0582,https://securityvulnerability.io/vulnerability/CVE-2022-0582,Denial of Service Vulnerability in Wireshark by Gerald Combs,"The recent security flaw in Wireshark's CSN.1 protocol dissector allows attackers to exploit unaligned access by injecting malicious packets or using crafted capture files. This vulnerability affects multiple versions of the software, specifically 3.4.0 to 3.4.11 and 3.6.0 to 3.6.1, and can result in a denial of service. Users should update their installations promptly to mitigate the risk.",Wireshark,Wireshark,9.8,CRITICAL,0.00547999981790781,false,,false,false,false,,,false,false,,2022-02-14T00:00:00.000Z,0
CVE-2022-0583,https://securityvulnerability.io/vulnerability/CVE-2022-0583,Denial of Service Vulnerability in Wireshark by The Wireshark Foundation,"A vulnerability exists in the PVFS protocol dissector in Wireshark versions 3.4 and 3.6, enabling attackers to exploit crafted packets or capture files. This flaw can trigger crashes, potentially disrupting service and compromising the reliability of network analysis tools.",Wireshark,Wireshark,7.5,HIGH,0.003530000103637576,false,,false,false,false,,,false,false,,2022-02-14T00:00:00.000Z,0
CVE-2021-4185,https://securityvulnerability.io/vulnerability/CVE-2021-4185,Denial of Service Vulnerability in Wireshark by The Wireshark Foundation,"An infinite loop in the RTMPT dissector of Wireshark allows attackers to cause a denial of service by injecting crafted packets or through specially designed capture files. This vulnerability impacts multiple versions of Wireshark, making it critical for users to ensure their software is up to date to mitigate potential exploits.",Wireshark,Wireshark,7.5,HIGH,0.00215999991632998,false,,false,false,false,,,false,false,,2021-12-30T00:00:00.000Z,0
CVE-2021-4184,https://securityvulnerability.io/vulnerability/CVE-2021-4184,Denial of Service Vulnerability in Wireshark's BitTorrent DHT Dissector,"A denial of service vulnerability exists in the BitTorrent DHT dissector of Wireshark. The flaw may be exploited by attackers through packet injection or crafted capture files, leading to an infinite loop that disrupts normal operations. This can result in the software becoming unresponsive, thereby hindering network analysis capabilities.",Wireshark,Wireshark,7.5,HIGH,0.00215999991632998,false,,false,false,false,,,false,false,,2021-12-30T00:00:00.000Z,0
CVE-2021-4190,https://securityvulnerability.io/vulnerability/CVE-2021-4190,Denial of Service Vulnerability in Wireshark by The Wireshark Foundation,"A vulnerability exists in Wireshark 3.6.0 that allows for denial of service attacks. This is due to a large loop in the Kafka dissector, which can be exploited through packet injection or by using specially crafted capture files. Attackers can leverage this flaw to interrupt normal functionality, causing the application to become unresponsive.",Wireshark,Wireshark,7.5,HIGH,0.0021800000686198473,false,,false,false,false,,,false,false,,2021-12-30T00:00:00.000Z,0
CVE-2021-4181,https://securityvulnerability.io/vulnerability/CVE-2021-4181,Denial of Service Vulnerability in Wireshark by The Sysdig Event Dissector,"A vulnerability in the Sysdig Event dissector in Wireshark versions 3.6.0 and 3.4.0 through 3.4.10 enables attackers to cause a denial of service. This can be achieved through malicious packet injection or by using specially crafted capture files, potentially disrupting normal operations and access to critical network analysis tools.",Wireshark,Wireshark,7.5,HIGH,0.0026199999265372753,false,,false,false,false,,,false,false,,2021-12-30T00:00:00.000Z,0
CVE-2021-4182,https://securityvulnerability.io/vulnerability/CVE-2021-4182,Denial of Service Vulnerability in Wireshark by The Wireshark Foundation,"A vulnerability in Wireshark allows a denial of service due to a crash in the RFC 7468 dissector. This can be triggered by packet injection or by using a crafted capture file, potentially disrupting network analysis operations for users on affected versions.",Wireshark,Wireshark,7.5,HIGH,0.001769999973475933,false,,false,false,false,,,false,false,,2021-12-30T00:00:00.000Z,0