| Max CVSS | 9.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-10903 | 5.0 |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
|
27-02-2023 - 15:28 | 09-04-2019 - 04:29 | |
| CVE-2019-10896 | 5.0 |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
|
27-02-2023 - 15:28 | 09-04-2019 - 04:29 | |
| CVE-2019-10894 | 5.0 |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
|
27-02-2023 - 15:28 | 09-04-2019 - 04:29 | |
| CVE-2019-10901 | 5.0 |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
|
27-02-2023 - 15:28 | 09-04-2019 - 04:29 | |
| CVE-2019-10895 | 5.0 |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.
|
03-05-2022 - 14:50 | 09-04-2019 - 04:29 | |
| CVE-2019-10899 | 5.0 |
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.
|
03-05-2022 - 14:50 | 09-04-2019 - 04:29 | |
| CVE-2019-6579 | 7.5 |
A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability cou
|
16-10-2020 - 13:03 | 17-04-2019 - 14:29 | |
| CVE-2017-17544 | 9.0 |
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.
|
28-08-2020 - 15:14 | 09-04-2019 - 16:29 | |
| CVE-2019-10898 | 5.0 |
In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.
|
24-08-2020 - 17:37 | 09-04-2019 - 04:29 | |
| CVE-2019-10897 | 5.0 |
In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.
|
24-08-2020 - 17:37 | 09-04-2019 - 04:29 | |
| CVE-2019-10902 | 5.0 |
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.
|
24-08-2020 - 17:37 | 09-04-2019 - 04:29 | |
| CVE-2019-10900 | 5.0 |
In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.
|
24-08-2020 - 17:37 | 09-04-2019 - 04:29 | |
| CVE-2018-1356 | 4.3 |
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan component.
|
02-05-2019 - 20:17 | 09-04-2019 - 21:29 | |
| CVE-2004-0447 | 7.2 |
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux l
|
11-10-2017 - 01:29 | 06-08-2004 - 04:00 |