10 matches found
HybridAuth Has Improper SSL Certificate Validation in Curl HTTP Client
A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This...
openSUSE 16 Security Update : kea (openSUSE-SU-2026:20341-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2026:20341-1 advisory. Update to release 3.0.1: - CVE-2025-40779: Fixed crash upon interaction between specific client options and subnet selection bsc1248801. Tenable has...
OPENSUSE-SU-2026:20341-1 Security update for kea
This update for kea fixes the following issues: Update to release 3.0.1: - CVE-2025-40779: Fixed crash upon interaction between specific client options and subnet selection bsc1248801...
Important: Red Hat Security Advisory: kea security update
An update for kea is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 10 : kea (RHSA-2025:21006)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21006 advisory. DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers...
CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...
CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...
USN-6225-1 knot-resolver vulnerability
It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicious domains and cause a denial of service...
SUSE SLES12 Security Update : wicked (SUSE-SU-2020:0358-1)
This update for wicked fixes the following issues: CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options bsc1160903. CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IAPD option bsc1160904. CVE-2020-7216: Fixed a potential denial of service via a...
SUSE-SU-2020:0369-1 Security update for wicked
This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options bsc1160903. - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IAPD option bsc1160904. - CVE-2020-7216: Fixed a potential denial of service vi...