Search CVE reports

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks,...

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.

A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.

A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.

A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.

A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3502. Reason: This candidate is a duplicate of CVE-2021-3502. Notes: All CVE users should reference CVE-2021-3502 instead of this candidate. All references...

A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or...