Lucene search
+L

208 matches found

osv
osv
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2832 python-zeroconf security update

Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Security Fixes: readcharacterstring and readstring in src/zeroconf/protocol/incoming.py sliced self.dataself.offset : self.offset + length and advanced self.offset by the declared length without checking it against...

6AI score
Exploits0References2
attackerkb
attackerkb
added 2026/07/05 10:23 p.m.10 views

CVE-2026-10657

Zephyr's DNS resolver detects mDNS .local queries in dnsresolvenameinternal subsys/net/lib/dns/resolve.c with memcmpstrrchrquery, '.', ".local", 7, which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes e.g. names ending in .or...

5.3CVSS6.2AI score0.00243EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2026/07/05 10:23 p.m.6 views

CVE-2026-10657 Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL)

Zephyr's DNS resolver detects mDNS .local queries in dnsresolvenameinternal subsys/net/lib/dns/resolve.c with memcmpstrrchrquery, '.', ".local", 7, which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes e.g. names ending in .or...

3.7CVSS6.2AI score0.00243EPSS
Exploits1References2
cvelist
cvelist
added 2026/07/05 10:23 p.m.33 views

CVE-2026-10657 Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL)

Zephyr's DNS resolver detects mDNS .local queries in dnsresolvenameinternal subsys/net/lib/dns/resolve.c with memcmpstrrchrquery, '.', ".local", 7, which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes e.g. names ending in .or...

3.7CVSS0.00243EPSS
Exploits1References2
osv
osv
added 2026/07/05 10:23 p.m.4 views

CVE-2026-10657 Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL)

Zephyr's DNS resolver detects mDNS .local queries in dnsresolvenameinternal subsys/net/lib/dns/resolve.c with memcmpstrrchrquery, '.', ".local", 7, which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes e.g. names ending in .or...

3.7CVSS6.2AI score0.00243EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2026/07/05 12:0 a.m.10 views

PT-2026-55829

Name of the Vulnerable Software and Affected Versions Zephyr versions 1.10.0 through 3.7.0 Description The DNS resolver contains a flaw in the dns resolve name internal function within subsys/net/lib/dns/resolve.c when CONFIG MDNS RESOLVER is enabled. The system uses memcmp to detect mDNS .local...

3.7CVSS6AI score0.00243EPSS
Exploits1References5
osv
osv
added 2026/06/22 11:7 p.m.4 views

GHSA-QC2X-6F54-M6H9 zeroconf: Unvalidated rdlength in record payload readers allows LAN-local cache corruption via crafted mDNS packet

Impact readcharacterstring and readstring in src/zeroconf/protocol/incoming.py sliced self.dataself.offset : self.offset + length and advanced self.offset by the declared length without checking it against self.datalen. Python's slice silently returns fewer bytes when the end index runs past the...

7.1CVSS5.9AI score
Exploits0References4
snyk
snyk
added 2026/06/22 11:7 p.m.4 views

Improper Handling of Length Parameter Inconsistency

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency via the readcharacterstring and readstring functions. An attacker can inject malicious...

7.1CVSS5.9AI score
Exploits0References2
osv
osv
added 2026/06/22 2:40 p.m.3 views

OPENSUSE-SU-2026:21014-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References4
osv
osv
added 2026/06/22 2:38 p.m.3 views

SUSE-SU-2026:22338-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. - CVE-2026-24401: unsolicited mDNS responses containing a recursive CNAME record can crash the avahi-daemon bsc1257235...

6.5CVSS6.6AI score0.00252EPSS
Exploits1References5
snyk
snyk
added 2026/06/11 1:28 p.m.11 views

Allocation of Resources Without Limits or Throttling

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the AsyncListener.handlequeryordefer function. An attacker can exhaust system memory and...

7.1CVSS5.4AI score0.00018EPSS
Exploits0References2
osv
osv
added 2026/06/11 1:28 p.m.13 views

GHSA-9663-MQMP-P9MM python-zeroconf: Unbounded TC-deferred queue allows LAN-local memory exhaustion via spoofed-source flood

Impact AsyncListener.handlequeryordefer retained every truncated TC-bit incoming query in self.deferredaddr and armed a per-addr timer in self.timersaddr that flushed the reassembled query within 500 ms RFC 6762 §18.5. Neither the per-addr list nor the number of distinct addr keys was capped, and...

6.5CVSS5.7AI score0.00018EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/11 12:0 a.m.11 views

PT-2026-48689

Name of the Vulnerable Software and Affected Versions zeroconf versions prior to 0.149.12 Description An unauthenticated host on the local link can cause a denial of service by streaming byte-distinct mDNS queries with the TC-bit truncation flag set to the AsyncListener.handle query or defer...

6.5CVSS6.1AI score0.00018EPSS
Exploits0References20
nessus
nessus
added 2026/06/10 12:0 a.m.16 views

EulerOS 2.0 SP13 : avahi (EulerOS-SA-2026-2321)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any...

6.5CVSS5.5AI score0.00252EPSS
Exploits1References3
nessus
nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2026-2235)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below,...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
nessus
nessus
added 2026/06/06 12:0 a.m.18 views

EulerOS Virtualization 2.10.0 : avahi (EulerOS-SA-2026-2042)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References5
snyk
snyk
added 2026/05/29 8:18 p.m.9 views

Allocation of Resources Without Limits or Throttling

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the DNSCache.asyncadd. Any unauthenticated host on the local link can exhaust system...

7.1CVSS5.8AI score0.00023EPSS
Exploits0References2
osv
osv
added 2026/05/29 8:13 p.m.9 views

GHSA-PHVX-9MGW-67R5 zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

Impact DNSIncoming.logexceptiondebug and the four QuietLogger exception-dedup methods stored an unbounded seenlogs dict keyed by strsys.excinfo1. The seven IncomingDecodeError messages raised from readname / decodelabelsatoffset RFC 6762 §18 name-decoding error paths all embed self.source — the...

6.5CVSS5.8AI score0.0002EPSS
Exploits0References4
snyk
snyk
added 2026/05/29 8:13 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the DNSIncoming.logexceptiondebug function and the exception-deduplication, which stores...

7.1CVSS5.8AI score0.0002EPSS
Exploits0References2
snyk
snyk
added 2026/05/29 8:9 p.m.9 views

Uncontrolled Recursion

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Uncontrolled Recursion via the DNSIncoming.decodelabelsatoffset function. An attacker can cause excessive CPU consumption and log flooding by...

7.1CVSS5.8AI score0.0002EPSS
Exploits0References2
Rows per page
Query Builder