Search CVE reports
351 – 360 of 847 results
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
Some fixes available 3 of 106
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100"...
12 affected packages
dcraw, darktable, exactimage, kodi, rawtherapee...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Vulnerable |
| flphoto | Not in release | Not in release | Not in release | Not in release |
| freeimage | Not affected | Not affected | Not affected | Not affected |
| graphicsmagick | Not affected | Not affected | Not affected | Not affected |
| rawstudio | Not in release | Not in release | Not in release | Not in release |
| xbmc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 104
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
12 affected packages
darktable, flphoto, dcraw, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| flphoto | Not in release | Not in release | Not in release | Not in release |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| exactimage | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Ignored |
| rawstudio | Not in release | Not in release | Not in release | Not in release |
| freeimage | Not affected | Not affected | Not affected | Not affected |
| graphicsmagick | Not affected | Not affected | Not affected | Not affected |
| xbmc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 6 of 7
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
Some fixes available 6 of 7
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to...
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
Some fixes available 6 of 7
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks...
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
Some fixes available 6 of 7
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting...
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
Some fixes available 6 of 7
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by...
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |
Some fixes available 6 of 7
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type...
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | — | — | — | Fixed |