Shodan
Vulnerabilities
Vulnerable Software
Wireshark:  >> Wireshark  Security Vulnerabilities
CVE-2020-26422
Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file
CVSS Score
3.7
EPSS Score
0.003
Published
2020-12-21
CVE-2020-26418
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVSS Score
3.1
EPSS Score
0.003
Published
2020-12-11
CVE-2020-26419
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
CVSS Score
3.1
EPSS Score
0.004
Published
2020-12-11
CVE-2020-26420
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVSS Score
3.1
EPSS Score
0.004
Published
2020-12-11
CVE-2020-26421
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVSS Score
4.2
EPSS Score
0.002
Published
2020-12-11
CVE-2020-28030
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
CVSS Score
7.5
EPSS Score
0.011
Published
2020-11-02
CVE-2020-25862
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-10-06
CVE-2020-25863
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-10-06
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
CVSS Score
7.5
EPSS Score
0.015
Published
2020-10-06
CVE-2020-26575
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
CVSS Score
7.5
EPSS Score
0.022
Published
2020-10-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved