Overview
Description
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Fediverse
Not sure if it was a good idea to look this closely: CVE-2026-42511 (#freebsd #dhclient) looks awfully similar to CVE-2011-0997 (isc-dhcp).
Overview
- Progress Software
- MOVEit Automation
Published: 30 Apr 2026
Updated: 01 May 2026
CVSS v3.1: HIGH (7.7)
EPSS: 0.06%
KEV
Description
Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation.
This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
Overview
Description
Incorrect packet validation allowed unbounded recursion when parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic.
Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.
Overview
Description
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers.
The bug may be exploitable by an unprivileged user to obtain superuser privileges.