Every CVE whose affected-product data names Isc Dhcp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2009-0692 — CVSS 10.0 (critical): Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before…
CVE-2011-2749 — CVSS 7.8 (high): The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause…
CVE-2011-0413 — CVSS 7.8 (high): The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows…
CVE-2011-2748 — CVSS 7.8 (high): The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause…
CVE-2017-3144 — CVSS 7.5 (high): A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket…
CVE-2018-5733 — CVSS 7.5 (high): A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a…
CVE-2018-5732 — CVSS 7.5 (high): Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a…
CVE-2011-0997 — CVSS 7.5 (high): dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers…
CVE-2021-25217 — CVSS 7.4 (high): In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and…
CVE-2012-3955 — CVSS 7.1 (high): ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in…
CVE-2009-1893 — CVSS 6.9 (medium): The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to…
CVE-2022-2929 — CVSS 6.5 (medium): In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to…
CVE-2015-8605 — CVSS 6.5 (medium): ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application…
CVE-2022-2928 — CVSS 6.5 (medium): In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option()…
CVE-2012-3571 — CVSS 6.1 (medium): ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU…
CVE-2011-4868 — CVSS 6.1 (medium): The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly…
CVE-2016-2774 — CVSS 5.9 (medium): ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows…
CVE-2012-3570 — CVSS 5.7 (medium): Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service…
CVE-2011-4539 — CVSS 5.0 (medium): dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which…
CVE-2009-1892 — CVSS 5.0 (medium): dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows…
CVE-2010-3616 — CVSS 5.0 (medium): ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service…
CVE-2010-2156 — CVSS 5.0 (medium): ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length…
CVE-2013-2494 — CVSS 4.9 (medium): libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving…
CVE-2010-3611 — CVSS 4.3 (medium): ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL…
CVE-2012-3954 — CVSS 3.3 (low): Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of…