Vulnerabilities > Dhcpcd Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-05 | CVE-2019-11766 | Out-of-bounds Read vulnerability in multiple products dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature. | 9.8 |
| 2019-04-28 | CVE-2019-11579 | Out-of-bounds Read vulnerability in multiple products dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED. | 5.0 |
| 2019-04-28 | CVE-2019-11578 | Cryptographic Issues vulnerability in Dhcpcd Project Dhcpcd auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. | 4.3 |
| 2019-04-28 | CVE-2019-11577 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dhcpcd Project Dhcpcd dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses. | 7.5 |
| 2017-02-07 | CVE-2016-1504 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dhcpcd Project Dhcpcd dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length. | 5.0 |
| 2016-04-18 | CVE-2016-1503 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634. | 10.0 |
| 2016-04-11 | CVE-2012-6700 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response. | 5.0 |
| 2016-04-11 | CVE-2012-6699 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response. | 5.0 |
| 2016-04-11 | CVE-2012-6698 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response. | 5.0 |
| 2014-09-04 | CVE-2014-6060 | Resource Management Errors vulnerability in multiple products The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again. | 3.3 |