Vulnerabilities > Dhcpcd Project > Dhcpcd > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-05 | CVE-2019-11766 | Out-of-bounds Read vulnerability in multiple products dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature. | 9.8 |
| 2019-04-28 | CVE-2019-11577 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dhcpcd Project Dhcpcd dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses. | 9.8 |
| 2016-04-18 | CVE-2016-1503 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634. | 9.8 |