Lucene search
+L

704 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: dhcp (UTSA-2025-680666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680666 advisory. In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series...

7.4CVSS7.2AI score0.06118EPSS
Exploits1References4
OSV
OSV
added 2025/10/03 7:56 p.m.7 views

RLSA-2025:9178 Important: kea security update

DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers suppor...

7.8CVSS6.5AI score0.00233EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/10/01 12:0 a.m.4 views

USBCoercer: A TinyUSB Based WPAD Coercion Device

USBCoercer turns an ESP32 development board with native USB-OTG into an Ethernet-over-USB gadget capable of coercing proxy configuration via WPAD. It builds on the TinyUSB Network Control Model NCM example and adds a minimalist DHCP server that injects DHCP option 252 WPAD/PAC and, additionally,...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/09/23 2:37 a.m.5 views

DHCP: DHCP routing options can manipulate interface-based VPN traffic

DHCP can add routes to a client’s routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify...

7.6CVSS7.3AI score0.04063EPSS
Exploits1References24
OSV
OSV
added 2025/09/09 5:16 p.m.3 views

CVE-2025-57062

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS5.9AI score0.00456EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.2 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2025:03096-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03096-1 advisory. - CVE-2023-45229: Fixed integer underflow when processing IANA/IATA options in a DHCPv6 Advertise message bsc1218879 - CVE-2023-45230: Fixed...

8.8CVSS7.9AI score0.01223EPSS
Exploits1References7
Fedora
Fedora
added 2025/09/07 12:52 a.m.14 views

[SECURITY] Fedora 42 Update: kea-3.0.1-1.fc42

DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers suppor...

7.5CVSS7.1AI score0.00495EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.1 views

SUSE SLES12 Security Update : ovmf (SUSE-SU-2025:03076-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03076-1 advisory. - CVE-2023-45229: Fixed integer underflow when processing IANA/IATA options in a DHCPv6 Advertise message bsc1218879 - CVE-2023-45230: Fixed...

8.8CVSS7.9AI score0.01223EPSS
Exploits1References7
SUSE Linux
SUSE Linux
added 2025/09/04 10:51 a.m.3 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2023-45229: Fixed integer underflow when processing IANA/IATA options in a DHCPv6 Advertise message bsc1218879 CVE-2023-45230: Fixed buffer overflow in the DHCPv6 client via a long Server ID option bsc1218880 Patch Instructions: To install this...

8.3CVSS7.5AI score0.01223EPSS
Exploits1References8
OSV
OSV
added 2025/09/04 10:51 a.m.3 views

SUSE-SU-2025:03076-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45229: Fixed integer underflow when processing IANA/IATA options in a DHCPv6 Advertise message bsc1218879 - CVE-2023-45230: Fixed buffer overflow in the DHCPv6 client via a long Server ID option bsc1218880...

8.8CVSS6.3AI score0.01223EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/28 9:41 p.m.3 views

CVE-2025-40779

A vulnerability was found in Kea. When an attacker who is an existing client with an assigned IP sends a crafted unicast packet directly to the server's IP and Kea cannot find any subnets that match that client's credentials, the server crashes causing a Denial of Service via assertion/NULL-path...

7.5CVSS6.3AI score0.00495EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/27 12:0 a.m.6 views

ISC Kea 安全漏洞

ISC Kea is a modern open source DHCPv4 and DHCPv6 server from the ISC organization. A security vulnerability exists in ISC Kea versions 2.7.1 through 2.7.9 and 3.0.0 and 3.1.0, which stems from improper handling of DHCPv4 client requests and may result in process abort...

7.5CVSS6.4AI score0.00495EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/20 9:2 p.m.4 views

CVE-2025-9249 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 DHCPReserveAddGroup stack-based overflow

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function DHCPReserveAddGroup of the file /goform/DHCPReserveAddGroup. This manipulation of the argument...

9CVSS7.2AI score0.00866EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.4 views

Linksys多款产品 安全漏洞

Linksys RE6300 and others are products of Linksys, Inc.Linksys RE6300 is a wireless network signal extender.Linksys RE6250 is a wireless extender.Linksys RE6350 is a wireless extender.Linksys RE6350 is a wireless extender.Linksys RE6350 is a wireless extender.Linksys RE6350 is a wireless...

9CVSS7.2AI score0.00866EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/08/16 5:25 p.m.11 views

CVE-2025-20135

A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation ...

4.3CVSS7.1AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 5:15 p.m.8 views

CVE-2025-20135

A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation ...

4.3CVSS0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 4:28 p.m.14 views

CVE-2025-20135 Cisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service Vulnerability

A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation ...

4.3CVSS0.00199EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-52889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rul...

3.4CVSS6AI score0.00202EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/06/26 11:21 p.m.4 views

SUSE CVE-2025-52889

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS6.6AI score0.00202EPSS
Exploits0References3
OSV
OSV
added 2025/06/25 5:15 p.m.6 views

UBUNTU-CVE-2025-52889

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS6AI score0.00202EPSS
Exploits0References5
Rows per page
Query Builder