|
247001
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9351
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247002
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative le…
|
CWE-20
CWE-770
Improper Input Validation
Allocation of Resources Without Limits or Throttling
|
CVE-2017-9350
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247003
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9349
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247004
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9348
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247005
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9347
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247006
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9346
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247007
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9345
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247008
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
|
CWE-369
Divide By Zero
|
CVE-2017-9344
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247009
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9343
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247010
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large nu…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2017-9060
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
