SUSE SLED15 / SLES15 / openSUSE 15 Security Update : avahi (SUSE-SU-2026:1441-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1441-1 advisory. This update for avahi fixes the following issue: - CVE-2026-24401: avahi-daemon can be crashed via a...

CVE-2026-20067 Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

CVE-2026-20067

Cisco reports CVE-2026-20067 affects multiple products running the Snort 3 detection engine. The root cause is incomplete error checking when parsing Multicast DNS fields of the HTTP header, exploitable by an unauthenticated, remote attacker sending crafted HTTP packets over the network. Successf...

CVE-2025-5688

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a...

Cisco IOS XE Wireless Controller software 代码问题漏洞

Cisco IOS XE Wireless Controller software is a wireless LAN controller from Cisco, Inc. Cisco IOS XE Wireless Controller software, which provides a managed network function, suffers from a denial-of-service vulnerability that stems from inadequate validation of incoming CAPWAP packets encapsulati...

CVE-2021-1439

A vulnerability in the multicast DNS mDNS gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of incoming mDNS...

CVE-2020-26966

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. Note: This issue only affected Windows operating systems. Other operating systems are unaffected.. This...

CVE-2020-3182

A vulnerability in the multicast DNS mDNS protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. The vulnerability exists because sensitive information ...

Internet Bug Bounty: CVE-2017-8798 - miniupnp getHTTPResponse chunked encoding integer signedness error

Integer signedness error in miniupnpc 1 allows remote attackers to cause a denial of service condition access violation and heap corruption via specially crafted HTTP response An integer signedness error was found in miniupnp's miniwget allowing an unauthenticated remote entity typically located ...

OpenStack Designate 'mDNS' Service Denial of Service Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA and Rackspace, Inc. in the United States. A denial of service vulnerability exists in OpenStack Designate 'mDNS' Service, which allows remote attackers to exploit this vulnerabilit...