VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1698 advisories across 32 monitored vendors.
UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Affected product named by the advisory: GitLab.
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Affected product named by the advisory: GitLab.
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service Affected product named by the advisory: GitLab.
Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service Affected product named by the advisory: GitLab.
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service Affected product named by the advisory: GitLab.
GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to improper authorization controls.
Information disclosure via case-sensitivity bypass in excluded path enforcement. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-178.
Authentication bypass due to improper Certificate Revocation List enforcement on gRPC listener. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-295.
Denial of Service via IEEE 802.11 protocol dissector crash. Red Hat rates this moderate (CVSS 5.7). Weakness: CWE-476.
Denial of Service via Catapult DCT2000 protocol dissector crash. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-476.
Denial of service via FMP/NOTIFY protocol dissector crash. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-1286.
Denial of Service via pcapng file parser crash. Red Hat rates this moderate. Weakness: CWE-825.
Denial of service via SSH protocol dissector crash. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-1286.
Denial of Service via UMTS FP protocol dissector crash. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-1286.
DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the DBS Etherwatch file parser, leading to a crash of the application. This could result in a denial of service, making the Wireshark application unavailable to users. This flaw allows a remote attacker to trigger an application crash by processing a specially crafted file, impacting the availability of the network analysis tool. The vulnerability requires user interaction to open a malicious file or process untrusted network captures. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-1286. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A heap buffer overflow can occur when the dissector processes malformed Z39.50 records with partial directory entries, as the pre-allocated array size is calculated using floor division and does not account for additional partial entries. An attacker could exploit this by convincing a user to open a specially crafted packet capture file, causing Wireshark to crash. This flaw requires user interaction, specifically opening a specially crafted packet capture file, limiting its immediate impact on typical server deployments. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-131. Affected Red Hat products: Red Hat Enterprise Linux 10. Red Hat does not currently list a fixing RHSA for this CVE.
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause a denial of service by crafting a malicious TLS Encrypted Client Hello (ECH) packet. When Wireshark attempts to decrypt this malformed packet, it can lead to a crash of the application, making it unavailable. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-617. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service A flaw was found in Wireshark. A local user could trigger multiple protocol dissector infinite loops by providing specially crafted network traffic for analysis. This could lead to a Denial of Service (DoS) condition, making the application unresponsive. Exploitation requires a local user to open and analyze specially crafted network traffic, limiting the attack vector to interactive use cases rather than automated or remote exploitation. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-835. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark, specifically within its `ciscodump` component. The issue can be exploited through user interaction, making the affected component unavailable. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-476. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Information disclosure of private project existence via improper authorization. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-862.