Wireshark 3.2.7

CPE Details

Wireshark 3.2.7
wireshark
wireshark
3.2.7
2020-11-02
16h11 +00:00
2020-11-02
16h11 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:wireshark:wireshark:3.2.7:*:*:*:*:*:*:*

Informations

Vendor

wireshark

Product

wireshark

Version

3.2.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-24476 2024-02-20 23h00 +00:00 A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
7.5
High
CVE-2024-24478 2024-02-20 23h00 +00:00 An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
7.5
High
CVE-2024-24479 2024-02-20 23h00 +00:00 A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
7.5
High
CVE-2023-2906 2023-08-25 20h41 +00:00 Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.
6.5
Medium
CVE-2022-4344 2023-01-11 00h00 +00:00 Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file
6.3
Medium
CVE-2021-39923 2021-11-19 15h31 +00:00 Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-39921 2021-11-18 23h00 +00:00 NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-39922 2021-11-18 23h00 +00:00 Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-39924 2021-11-18 23h00 +00:00 Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-39925 2021-11-18 23h00 +00:00 Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-39929 2021-11-18 23h00 +00:00 Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-39928 2021-11-17 23h00 +00:00 NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-22235 2021-07-19 22h00 +00:00 Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file
7.5
High
CVE-2021-22207 2021-04-23 15h32 +00:00 Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file
6.5
Medium
CVE-2021-22191 2021-03-15 16h48 +00:00 Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
8.8
High
CVE-2020-26418 2020-12-11 16h27 +00:00 Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
5.3
Medium
CVE-2020-26421 2020-12-11 16h25 +00:00 Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
5.3
Medium
CVE-2020-26420 2020-12-11 16h20 +00:00 Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
5.3
Medium
CVE-2020-28030 2020-10-30 19h02 +00:00 In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
7.5
High
CVE-2020-26575 2020-10-06 12h57 +00:00 In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.