Lucene search
+L

423 matches found

Cvelist
Cvelist
added 2026/01/24 1:25 a.m.38 views

CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS0.00252EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/01/24 1:25 a.m.9 views

CVE-2026-24401

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References3
OSV
OSV
added 2026/01/24 1:25 a.m.6 views

CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.6AI score0.00252EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-24401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be...

6.5CVSS5.8AI score0.00252EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : unbound-1.7.3-15.el8 (AXSA:2021-2060:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2060:02 advisory. unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 unbound: integer overflow in sldnsstr2wirednamebuforigin can le...

9.8CVSS5.7AI score0.02179EPSS
Exploits0References12
OSV
OSV
added 2026/01/19 12:30 p.m.6 views

USN-7967-1 avahi vulnerabilities

It was discovered that Avahi incorrectly terminated when processing browser records with wide-area disabled. An attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. CVE-2025-68276 It was discovered that Avahi incorrectly terminated when processing...

6.5CVSS5.8AI score0.00353EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/13 11:6 p.m.5 views

CVE-2025-68468

A flaw was found in Avahi. A remote attacker can cause a Denial of Service DoS by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live TTL values, can lead to the avahi-daemon crashing...

6.5CVSS6.6AI score0.00331EPSS
Exploits0References6
OSV
OSV
added 2026/01/12 6:15 p.m.5 views

AZL-74288 CVE-2025-68468 affecting package avahi for versions less than 0.8-6

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...

6.5CVSS5.7AI score0.00331EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/12 5:39 p.m.27 views

CVE-2025-68471 Avahi has a reachable assertion in lookup_start

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...

6.5CVSS0.00353EPSS
Exploits1References3
OSV
OSV
added 2026/01/12 5:39 p.m.7 views

CVE-2025-68471 Avahi has a reachable assertion in lookup_start

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...

6.5CVSS6.6AI score0.00353EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/01/12 5:38 p.m.4 views

CVE-2025-68468

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...

6.5CVSS6.7AI score0.00331EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.9 views

Avahi security vulnerability

Avahi is a set of open-source local service discovery tools for Linux. Avahi has a security vulnerability, which stems from an assertion error in the lookuphandlecname function, potentially leading to denial-of-service attacks...

5.8AI score0.00063EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/12 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed...

6.5CVSS5.8AI score0.00353EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:35 p.m.11 views

CVE-2023-49985

A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter...

6.5CVSS5.8AI score0.00468EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:40 a.m.9 views

CVE-1999-0011

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer...

10CVSS7.2AI score0.05469EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/24 10:37 p.m.6 views

EUVD-2025-199205

Malicious code in gatsby-plugin-cname npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:37 p.m.8 views

Malicious code in gatsby-plugin-cname (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 10:37 p.m.5 views

MAL-2025-191100 Malicious code in gatsby-plugin-cname (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.13 views

@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +16 more potentially affected by unknown CVE via gatsby-plugin-cname (=1.0.0)

gatsby-plugin-cname NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-cname and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.9.81, =1.0.0, =1.1.18-beta.0, =0.0.1, =0.0.4,...

5.8AI score
Exploits0
Rows per page
Query Builder