1742 matches found
CVE-2026-33799
CVE-2026-33799 describes an Out-of-bounds Write in the SNMP daemon (snmpd) of Juniper Networks Junos OS and Junos OS Evolved. An authenticated remote attacker can send specific valid SNMPv3 queries to trigger a memory leak, causing snmpd memory exhaustion over time, a resulting process crash, and...
Linux Distros Unpatched Vulnerability : CVE-2026-12413
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The functi...
PT-2026-55314
Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description An invalidly formatted IKEv2 fragment can cause the pluto daemon to crash and restart, leading to a denial of service. The issue occurs within the reassemble v2 incoming fragments function,...
CVE-2026-56116
A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit a memory leak vulnerability in the IPv6 Router Advertisement route information handling. By repeatedly sending specially crafted Router Advertisements with a zero lifetime, the attacker can cause the syst...
EUVD-2026-38496
dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...
PT-2026-51565
Name of the Vulnerable Software and Affected Versions dhcpcd versions prior to 10.3.2 Description An issue in the IPv6 Router Advertisement route information handling allows an unauthenticated attacker on the same link to cause a denial of service. By repeatedly sending crafted Router...
SUSE-SU-2026:22338-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...
Astra Linux – Vulnerability in libvirt
A NULL pointer dereference flaw was discovered in the udevConnectListAllInterfaces function within libvirt. This issue can occur when detaching a host interface while simultaneously collecting the list of interfaces using the virConnectListAllInterfaces API. This flaw could be exploited to carry...
Astra Linux – Vulnerability in libvirt
A use-after-free flaw was discovered in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting...
SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2026:2297-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2297-1 advisory. This update for avahi fixes the following issue: - CVE-2026-34933: Prior to version 0.9-rc4, any unprivileged local use...
OESA-2026-2682 sofia-sip security update
Sofia SIP is a RFC-3261-compliant library for SIP user agents and other network elements. The Session Initiation Protocol SIP is an application-layer control signaling protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telepho...
Security update for avahi
This update for avahi fixes the following issue: CVE-2026-24401: uncontrolled recursion in lookuphandlecname can crash the avahi-daemon bsc1257235. CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. Patch Instructions: To install this SUSE updat...
SUSE-SU-2026:2311-1 Security update for avahi
This update for avahi fixes the following issue: - CVE-2026-24401: uncontrolled recursion in lookuphandlecname can crash the avahi-daemon bsc1257235. - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546...
EulerOS Virtualization 2.10.1 : avahi (EulerOS-SA-2026-2015)
According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...
EulerOS Virtualization 2.13.0 : avahi (EulerOS-SA-2026-2159)
According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...
CVE-2026-49943
CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...
EUVD-2026-33980
CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...
PT-2026-45806
CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS PATH mask matching implementation in nest/a-path.c. The as path match function uses a fixed-size stack array of 2048 + 1 pm pos entries, while parse path expands AS PATH segments from a receive...
Astra Linux – Vulnerability in avahi
A vulnerability was discovered in the avahi library. This flaw allows a non-privileged user to make a dbus call, causing the avahi daemon to crash...
Unity Linux 20.1060e / 20.1070e Security Update: openvswitch (UTSA-2026-017643)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017643 advisory. Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and...