Vulnerabilities (CVE)

Filtered by vendor Libndp Subscribe
Filtered by product Libndp
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-3698 4 Canonical, Debian, Libndp and 1 more 10 Ubuntu Linux, Debian Linux, Libndp and 7 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.
CVE-2014-3554 1 Libndp 1 Libndp 2024-11-21 6.8 MEDIUM N/A
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement.