423 matches found
CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
CVE-2026-24401
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
Linux Distros Unpatched Vulnerability : CVE-2026-24401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be...
MiracleLinux 8 : unbound-1.7.3-15.el8 (AXSA:2021-2060:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2060:02 advisory. unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 unbound: integer overflow in sldnsstr2wirednamebuforigin can le...
USN-7967-1 avahi vulnerabilities
It was discovered that Avahi incorrectly terminated when processing browser records with wide-area disabled. An attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. CVE-2025-68276 It was discovered that Avahi incorrectly terminated when processing...
CVE-2025-68468
A flaw was found in Avahi. A remote attacker can cause a Denial of Service DoS by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live TTL values, can lead to the avahi-daemon crashing...
AZL-74288 CVE-2025-68468 affecting package avahi for versions less than 0.8-6
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...
CVE-2025-68471 Avahi has a reachable assertion in lookup_start
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...
CVE-2025-68471 Avahi has a reachable assertion in lookup_start
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...
CVE-2025-68468
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...
Avahi security vulnerability
Avahi is a set of open-source local service discovery tools for Linux. Avahi has a security vulnerability, which stems from an assertion error in the lookuphandlecname function, potentially leading to denial-of-service attacks...
Linux Distros Unpatched Vulnerability : CVE-2025-68471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed...
CVE-2023-49985
A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter...
CVE-1999-0011
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer...
EUVD-2025-199205
Malicious code in gatsby-plugin-cname npm...
Malicious code in gatsby-plugin-cname (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191100 Malicious code in gatsby-plugin-cname (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +16 more potentially affected by unknown CVE via gatsby-plugin-cname (=1.0.0)
gatsby-plugin-cname NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-cname and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.9.81, =1.0.0, =1.1.18-beta.0, =0.0.1, =0.0.4,...