CVE-2016-1503 — CVSS 9.8 (critical): dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other…
CVE-2012-6698 — CVSS 7.5 (high): The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a…
CVE-2012-6699 — CVSS 7.5 (high): The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a…
CVE-2012-6700 — CVSS 7.5 (high): The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a…
CVE-2016-1504 — CVSS 7.5 (high): dhcpcd before 6.10.0 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to the option length.
CVE-2014-7913 — CVSS 6.8 (medium): The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other…
CVE-2014-7912 — CVSS 6.8 (medium): The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate…
CVE-2026-56116 — CVSS 6.5 (medium): dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information…
CVE-2026-56113 — CVSS 5.3 (medium): dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link…
CVE-2026-56114 — CVSS 5.3 (medium): dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in…
CVE-2026-56117 — CVSS 4.7 (medium): dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within…
CVE-2014-6060 — CVSS 3.3 (low): The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the…