Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Dhcpcd Project Security Vulnerabilities

cve
cve

CVE-2012-6698

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

7.5CVSS

7AI Score

0.005EPSS

2016-04-11 03:59 PM
30
cve
cve

CVE-2012-6699

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response.

7.5CVSS

7AI Score

0.005EPSS

2016-04-11 03:59 PM
34
cve
cve

CVE-2012-6700

The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response.

7.5CVSS

7.1AI Score

0.005EPSS

2016-04-11 03:59 PM
30
cve
cve

CVE-2014-6060

The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again.

7.2AI Score

0.001EPSS

2014-09-04 05:55 PM
20
cve
cve

CVE-2014-7912

The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of data, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory ...

8.6AI Score

0.012EPSS

2015-07-30 12:59 AM
20
cve
cve

CVE-2014-7913

The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corr...

7.6AI Score

0.003EPSS

2015-07-30 12:59 AM
18
cve
cve

CVE-2016-1503

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malform...

9.8CVSS

8.8AI Score

0.047EPSS

2016-04-18 12:59 AM
24
cve
cve

CVE-2016-1504

dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.

7.5CVSS

7.9AI Score

0.022EPSS

2017-02-07 03:59 PM
18
cve
cve

CVE-2019-11577

dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.

9.8CVSS

9.7AI Score

0.008EPSS

2019-04-28 04:29 PM
26
4
cve
cve

CVE-2019-11578

auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks.

5.9CVSS

5.6AI Score

0.008EPSS

2019-04-28 04:29 PM
29
cve
cve

CVE-2019-11579

dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.

5.3CVSS

5.2AI Score

0.002EPSS

2019-04-28 04:29 PM
29
cve
cve

CVE-2019-11766

dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.

9.8CVSS

9.5AI Score

0.004EPSS

2019-05-05 06:29 AM
29