Vulnerabilities > Avahi

DATE CVE VULNERABILITY TITLE RISK
2023-11-02 CVE-2023-38473 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
2023-11-02 CVE-2023-38469 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.
local
low complexity
avahi redhat CWE-617
5.5
2023-11-02 CVE-2023-38470 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
2023-11-02 CVE-2023-38471 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
2023-11-02 CVE-2023-38472 Reachable Assertion vulnerability in multiple products
A vulnerability was found in Avahi.
local
low complexity
avahi redhat CWE-617
5.5
2023-05-26 CVE-2023-1981 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in the avahi library.
local
low complexity
avahi fedoraproject redhat CWE-400
5.5
2021-06-02 CVE-2021-3468 Infinite Loop vulnerability in multiple products
A flaw was found in avahi in versions 0.6 up to 0.8.
local
low complexity
avahi debian CWE-835
5.5
2021-05-07 CVE-2021-3502 Reachable Assertion vulnerability in Avahi 0.85
A flaw was found in avahi 0.8-5.
local
low complexity
avahi CWE-617
5.5
2021-02-17 CVE-2021-26720 Link Following vulnerability in multiple products
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon.
local
low complexity
avahi debian CWE-59
7.8
2017-05-01 CVE-2017-6519 Origin Validation Error vulnerability in multiple products
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets.
network
low complexity
avahi canonical CWE-346
critical
9.1