15 matches found
CVE-2026-46093 mm/vmalloc: take vmap_purge_lock in shrinker
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...
CVE-2025-59960
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service DoS on the downstream DHCP...
CVE-2025-59960
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service DoS on the downstream DHCP...
CVE-2025-59960
CVE-2025-59960 affects Juniper Networks Junos OS and Junos OS Evolved. The vulnerability arises in the DHCP service (jdhcpd) where the default DHCP relay behavior allows Option 82 information from a client in one subnet to reach the DHCP server unmodified, enabling a DHCP client to exhaust addres...
EUVD-2026-2718
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service DoS on the downstream DHCP...
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved code-related issues and vulnerabilities
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of the American company Juniper Networks. Juniper Networks Junos OS is a network operating system specifically designed for the company’s hardware devices. This operating system provides secure programming interface...
PT-2026-3108
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service DoS on the downstream DHCP...
EUVD-2022-49224
Malicious code in bioql PyPI...
CVE-2025-54126
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
WebAssembly Micro Runtime 安全漏洞
WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...
Design/Logic Flaw
Parrot Bebop 4.7.1. allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network e.g., by guessing the password. Then, the attacker would need to send...
CVE-2022-46416
CVE-2022-46416 (Parrot Bebop 4.7.1) : The drone is affected by a DHCP pool exhaustion vulnerability that prevents legitimate terminal connections. An attacker must first connect to the device’s internal Wi‑Fi (e.g., via guessing the password) and then send a high volume of DHCP request packets to...
CVE-2022-46415
The DJI Spark vulnerability CVE-2022-46415 affects the DJI Spark firmware 01.00.0900. A remote attacker can exploit a DHCP implementation flaw after connecting to the device’s internal Wi‑Fi, exhausting the DHCP IP address pool by sending a high volume of DHCP requests, leading to denial of servi...
CVE-2021-1620
A vulnerability in the Internet Key Exchange Version 2 IKEv2 support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the cod...
PT-2021-5608 · Cisco · Cisco Ios Xe +1
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Internet Key Exchange Version 2 IKEv2 support for the AutoReconnect feature could allow an authenticated, remote attacker to...