CVE-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver

Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel inetres, inetdb modules allows DNS Cache Poisoning. The built-in DNS resolver inetres uses a sequential, process-global 16-bit transaction ID for UDP queries and does not implement source port randomization...

EulerOS Virtualization 2.10.0 : avahi (EulerOS-SA-2026-1549)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them...

EulerOS 2.0 SP10 : avahi (EulerOS-SA-2026-1327)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after...

CVE-2010-0362

Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses...

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2025-2454)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS...

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2025-2473)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS...

CVE-2025-11728

The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the 'returnpayment' and 'noticepayment' functions in all versions up to, and including, 6.0. This makes it possibl...

EUVD-2025-34540

The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and unauthorized modification of data due to missing authentication and capability checks on the 'returnpayment' and 'noticepayment' functions in all versions up to, and including, 6.0. This makes it possibl...

EUVD-2021-12569

Malware in sbrugna...

EUVD-2008-1157

Malware in sbrugna...

EUVD-2010-0393

Malware in sbrugna...

EUVD-2008-3616

Malware in sbrugna...

EUVD-2008-4084

Malware in sbrugna...

EUVD-2008-4109

Malware in sbrugna...

EUVD-2008-1155

Malware in sbrugna...

RLSA-2025:7437 Moderate: avahi security update

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...

EUVD-2024-46029

Malicious code in bioql PyPI...

EUVD-2022-52246

Malicious code in bioql PyPI...

EUVD-2023-12721

Malicious code in bioql PyPI...

OESA-2025-2251 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...