Dhcp

This hub aggregates every CVE we track for Dhcp, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Dhcp.

• CVE-2024-3661DHCP routing options can manipulate interface-based VPN traffic7.6May 6, 2024
• CVE-2022-2929DHCP memory leak6.5Oct 7, 2022
• CVE-2022-2928An option refcount overflow exists in dhcpd6.5Oct 7, 2022
• CVE-2021-25217A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient7.4May 26, 2021
• CVE-2018-5732A specially constructed response from a malicious server can cause a buffer overflow in dhclient7.5Oct 9, 2019
• CVE-2018-5733A malicious client can overflow a reference counter in ISC dhcpd7.5Jan 16, 2019
• CVE-2017-3144Failure to properly clean up closed OMAPI connections can exhaust available sockets7.5Jan 16, 2019
• CVE-2018-1111DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A maliciou...7.5May 17, 2018
• CVE-2016-2774ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assert...5.9Mar 9, 2016
• CVE-2015-8605ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.6.5Jan 14, 2016
• CVE-2013-2494libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaust...4.9Mar 28, 2013
• CVE-2012-3955ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an env...7.1Sep 14, 2012
• CVE-2012-3954Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.3.3Jul 25, 2012
• CVE-2012-3570Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identi...5.7Jul 25, 2012
• CVE-2012-3571ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.6.1Jul 25, 2012