Lucene search
K

767 matches found

SUSE Linux
SUSE Linux
added 2026/06/10 2:54 p.m.6 views

Security update for wicked

This update for wicked fixes the following issues: CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/06/10 11:28 a.m.53 views

isc-dhcp-server-root-rce-exploit

isc-...

5.4AI score
Exploits0
CVE
CVE
added 2026/06/10 12:26 a.m.34 views

CVE-2026-45160

ESF-IDF’s ESP-IDF lwIP DHCP server option parser (parse_options in dhcpserver.c) has an out-of-bounds read in the BOOTP/DHCP options parsing. In affected releases 5.2.7, 5.3.5, 5.4.4, 5.5.4 and 6.0.1, a crafted DHCP request can cause reads past the end of the options buffer into adjacent heap mem...

6.5CVSS5.5AI score0.00246EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48679

Name of the Vulnerable Software and Affected Versions wicked versions prior to 0.6.79 Description An indirect remote shell command injection exists due to unsanitized DHCP options. The issue involves improper processing of posix-tz-dbname and tz-string options, as well as a failure to escape...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48349

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parse options in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The...

6.5CVSS5.6AI score0.00246EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.24 views

dracut project dracut 命令注入漏洞

Dracut is an event-driven initramfs generation tool developed by Dracutdevs. Dracut has a vulnerability related to operating system command injection. This vulnerability arises when remote attackers provide custom DHCP options, which are improperly processed and written into temporary shell...

7.5CVSS6.1AI score0.01131EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.23 views

PT-2026-48526

Name of the Vulnerable Software and Affected Versions dracut affected versions not specified Description A flaw in the legacy DHCP path allows a remote attacker on the adjacent network to achieve root code execution within the initramfs initial RAM file system, which is loaded with the kernel at...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References47
NCSC
NCSC
added 2026/06/09 5:44 p.m.18 views

Vulnerabilities in Microsoft Windows

Microsoft has fixed a large number of vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to various categories of damage, as described in the tables below. Among these vulnerabilities are about six very serious ones, which Microsoft ha...

9.8CVSS6.1AI score0.48438EPSS
Exploits5
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-45608

Out-of-bounds read in Windows DHCP Client allows an unauthorized attacker to disclose information locally...

6.8CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:6 p.m.472 views

CVE-2026-44815

CVE-2026-44815 is a stack-based buffer overflow in the Windows DHCP Client that enables remote code execution over the network. Affected component: Windows DHCP Client; root cause is a stack-based overflow. Consequences are remote code execution with high impact, as indicated by the CVSS vector (...

9.8CVSS6AI score0.011EPSS
Exploits0References1Affected Software13
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.39 views

CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability

...

9.1CVSS0.00366EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:5 p.m.9 views

CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability

...

9.1CVSS5.4AI score0.00366EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.177 views

CVE-2026-45602

Technical details (affected product versions, root cause, exploit specifics, and remediation) are not publicly available in the provided documents. Monitor for updates from NVD and CVE List for CVE-2026-45602.

9.1CVSS5.4AI score0.00366EPSS
Exploits0References1Affected Software13
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.21 views

Windows DHCP Client Information Disclosure Vulnerability

Out-of-bounds read in Windows DHCP Client allows an unauthorized attacker to disclose information locally...

6.8CVSS6.6AI score0.00338EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.11 views

Windows DHCP Client Information Disclosure Vulnerability

Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00362EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-47931

Name of the Vulnerable Software and Affected Versions Windows DHCP Client affected versions not specified Description A stack-based buffer overflow exists in the Windows DHCP Client, allowing an unauthorized remote attacker to execute arbitrary code over a network and affect the system. The issue...

10CVSS6.7AI score0.011EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.12 views

CVE-2026-7424

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...

8.1CVSS5.5AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.16 views

CVE-2026-45158

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...

9.1CVSS6.3AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/04 5:21 a.m.13 views

CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

6.7CVSS5.7AI score0.00118EPSS
Exploits0References3
OSV
OSV
added 2026/06/01 10:4 a.m.6 views

SUSE-SU-2026:2204-1 Security update for busybox

This update for busybox fixes the following issue - CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client bsc1263989...

8.8CVSS6AI score0.00375EPSS
Exploits0References3
Rows per page
Query Builder