|
247701
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11361
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247702
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11360
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247703
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-11359
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247704
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre…
|
CWE-416
Use After Free
|
CVE-2018-11358
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247705
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
|
CWE-20
Improper Input Validation
|
CVE-2018-11357
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247706
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in …
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-11356
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247707
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11355
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247708
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
|
CWE-20
Improper Input Validation
|
CVE-2018-11354
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247709
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11384
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247710
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in …
|
CWE-908
Use of Uninitialized Resource
|
CVE-2018-11383
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
