SUSE SLED15 / SLES15 / openSUSE 15 Security Update : avahi (SUSE-SU-2026:1441-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1441-1 advisory. This update for avahi fixes the following issue: - CVE-2026-24401: avahi-daemon can be crashed via a...

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

SUSE-SU-2026:1441-1 Security update for avahi

This update for avahi fixes the following issue: - CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235...

SUSE-SU-2026:21117-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-24401: Fix unsolicited mDNS response containing a recursive CNAME record. bsc1257235...

SUSE-SU-2026:21127-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-24401: Fix unsolicited mDNS response containing a recursive CNAME record. bsc1257235...

CVE-2026-24401 vulnerabilities

Vulnerabilities for packages: avahi...

OESA-2026-1450 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

BELL-CVE-2026-24401

Bulletin has no description...

CVE-2026-24401

creationtimestamp| type| source ---|---|--- 2026-01-24 03:19:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md5aythax72m 2026-05-18 14:29:40+00:00| seen| https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3mm53m7deij32...

UBUNTU-CVE-2026-24401

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

CVE-2025-24401

Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...

CVE-2023-24401

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Davidsword Mobile Call Now & Map Buttons plugin = 1.5.0 versions...

CVE-2021-24401

The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an editid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...

CVE-2022-24401

Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...

CVE-2025-24401

creationtimestamp| type| source ---|---|--- 2025-01-22 17:16:02+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdumxrnhc2r 2025-01-22 17:54:36+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113873287621870613 2025-01-22 18:54:27+00:00| seen|...

CVE-2025-24401

CVE-2025-24401 affects the Jenkins Folder-based Authorization Strategy Plugin (versions 217.vd5b_18537403e and earlier). The root cause is that the plugin does not verify that permissions configured to be granted are enabled, potentially letting users who were previously granted optional permissi...

CVE-2025-24401

Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...

CVE-2025-24401

Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...

CVE-2025-24401

Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...

Nagios XI Version 2024R1.01 - SQL Injection

Exploit Title: NAGIOS XI SQLI Google Dork: if applicable Date: 02/26/2024 Exploit Author: Jarod Jaslow MAWK https://www.linkedin.com/in/jarod-jaslow-codename-mawk-265144201/ Vendor Homepage: https://www.nagios.com/changelog/nagios-xi Software Link: https://github.com/MAWK0235/CVE-2024-24401...