43 matches found
EulerOS Virtualization 2.10.1 : avahi (EulerOS-SA-2026-2015)
According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...
[SECURITY] Fedora 44 Update: kf6-kdnssd-6.25.0-1.fc44
KDE Frameworks 6 Tier 1 integration module for DNS-SD services Zeroconf...
CVE-2026-35659
OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...
CVE-2026-35659
OpenClaw vulnerability CVE-2026-35659 affects OpenClaw prior to 2026.3.22. The issue is a service discovery flaw where TXT metadata from Bonjour and DNS-SD can influence CLI routing even if service resolution fails. Attackers could abuse unresolved hints to steer routing decisions toward unintend...
CVE-2026-35659 OpenClaw < 2026.3.22 - Unresolved Service Metadata Routing via Bonjour and DNS-SD Discovery
OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can exploit unresolved hints to steer routing decisions to unintended targets by providing malicious...
PT-2026-30270
Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.9-rc4 Description Avahi, a system for local network service discovery using mDNS/DNS-SD, is susceptible to a denial-of-service condition. An unprivileged local user can terminate the avahi-daemon process by sending a...
OpenClaw: Bonjour/DNS-SD TXT metadata steers CLI routing after failed service resolution
Summary Bonjour and DNS-SD TXT metadata could still steer CLI routing even when actual service resolution failed, allowing unresolved hints to influence the chosen target. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
CVE-2026-26327 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning
OpenClaw is a personal AI assistant. Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs...
CVE-2025-68471
A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD Multicast Domain Name System/DNS-based Service Discovery protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcement...
avahi security update
An update is available for avahi. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Avahi is an implementation of the DNS Service Discovery and Multicast DNS...
Moderate: Red Hat Security Advisory: avahi security update
An update for avahi is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 9 : avahi (RHSA-2025:11402)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11402 advisory. Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service...
ALSA-2025:7437 Moderate: avahi security update
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...
cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...
Moderate: Red Hat Security Advisory: avahi security update
An update for avahi is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2023:7190 Moderate: avahi security update
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...
Moderate: Red Hat Security Advisory: avahi security update
An update for avahi is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: avahi security update
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...
Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-33189 SUMMARY An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc. io...
Fedora: Security Advisory for golang-github-skynetservices-skydns (FEDORA-2022-37aef44d1e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...