16 matches found
GO-2026-5304 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao
OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/revoke,renew — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao...
Security update for NetworkManager
This update for NetworkManager fixes the following issue: Security fixes: CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: Don't renew DHCP lease when software devices' MAC is empty bsc1225498. Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2026:1443-1 Security update for NetworkManager
This update for NetworkManager fixes the following issue: Security fixes: - CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: - Don't renew DHCP lease when software devices' MAC is empty bsc1225498...
CVE-2025-69542
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...
CVE-2025-69542
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...
CVE-2025-69542
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...
CVE-2025-69542
The CVE-2025-69542 entry affects D-Link DIR895LA1, specifically the DHCP daemon (DIR895LA1 v102b07). The issue is in lease renewal handling where the DHCP hostname is concatenated into a system command without sanitization, allowing arbitrary commands to run with root privileges. Public reference...
CVE-2025-69542
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...
PT-2026-1954
Name of the Vulnerable Software and Affected Versions D-Link DIR895LA1 version 102b07 Description A command injection issue exists in the DHCP daemon service. The problem is in how lease renewals are handled, specifically where the DHCP hostname parameter is used in system commands without...
CVE-2025-69542
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...
SUSE CVE-2008-3350
dnsmasq 2.43 allows remote attackers to cause a denial of service daemon crash by 1 sending a DHCPINFORM while lacking a DHCP lease, or 2 attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214...
NetworkManager bug fix and enhancement update
An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list NetworkManager is a system network service that manages network device...
Vault Renewed Nearly-Expired Leases With Incorrect Non-Expiring TTLs
Summary Vault and Vault Enterprise “Vault” allowed the renewal of nearly-expired token leases and dynamic secret leases specifically, those within 1 second of their maximum TTL, which caused them to be incorrectly treated as non-expiring during subsequent use. This vulnerability, CVE-2021-32923,...
Scientific Linux Security Update : dhcp on SL6.x i386/x86_64 (20130221)
A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash. CVE-2012-3955 This update also fixes the following...
RedHat Update for dhcp RHSA-2013:0504-02
Check for the Version of dhcp OpenVAS Vulnerability Test RedHat Update for dhcp RHSA-2013:0504-02 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
DEBIAN-CVE-2008-3214
dnsmasq 2.25 allows remote attackers to cause a denial of service daemon crash by 1 renewing a nonexistent lease or 2 sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon...