Wireshark 4.0.9

CPE Details

Wireshark 4.0.9
wireshark
wireshark
4.0.9
2023-10-26
11h03 +00:00
2023-10-26
11h03 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:wireshark:wireshark:4.0.9:*:*:*:*:*:*:*

Informations

Vendor

wireshark

Product

wireshark

Version

4.0.9

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-8645 2024-09-10 10h02 +00:00 SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file
5.5
Moyen
CVE-2024-8250 2024-08-28 23h30 +00:00 NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
7.8
Haute
CVE-2024-4854 2024-05-14 00h03 +00:00 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
7.5
Haute
CVE-2023-6175 2024-03-26 07h30 +00:00 NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file
7.8
Haute
CVE-2024-24476 2024-02-20 23h00 +00:00 A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
7.5
Haute
CVE-2024-24478 2024-02-20 23h00 +00:00 An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
7.5
Haute
CVE-2024-24479 2024-02-20 23h00 +00:00 A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
7.5
Haute
CVE-2024-0209 2024-01-03 07h31 +00:00 IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
7.8
Haute
CVE-2024-0208 2024-01-03 07h31 +00:00 GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
7.8
Haute
CVE-2023-6174 2023-11-16 11h30 +00:00 SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
6.5
Moyen
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.