|
250911
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre…
|
CWE-416
Use After Free
|
CVE-2018-11358
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250912
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
|
CWE-20
Improper Input Validation
|
CVE-2018-11357
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250913
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in …
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-11356
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250914
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11355
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250915
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
|
CWE-20
Improper Input Validation
|
CVE-2018-11354
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250916
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11384
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250917
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in …
|
CWE-908
Use of Uninitialized Resource
|
CVE-2018-11383
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250918
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11382
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250919
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11381
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250920
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11380
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
