CVE-2024-24478

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-680
View all →

Vulnerability Description

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

Related Vulnerabilities

CVE-2019-5086

HIGH
CVSS:7.5(High)

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking th...

CWE-6802019

CVE-2024-21454

HIGH
CVSS:7.5(High)

Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.

CWE-6802024

CVE-2024-57956

HIGH
CVSS:7.5(High)

Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.

CWE-6802024

CVE-2024-58107

HIGH
CVSS:7.5(High)

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CWE-6802024

CVE-2022-29886

HIGH
CVSS:7.3(High)

An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execut...

CWE-6802022

CVE-2022-32543

HIGH
CVSS:7.3(High)

An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code executi...

CWE-6802022