Known Vulnerabilities for products from Avahi
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Avahi".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34933 json | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version... | Not Provided | 2026-04-03 | 2026-04-13 |
| CVE-2023-38473 json | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. | 5.5 - MEDIUM | 2023-11-02 | 2023-11-09 |
| CVE-2023-38472 json | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. | 5.5 - MEDIUM | 2023-11-02 | 2023-11-09 |
| CVE-2023-38471 json | A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. | 5.5 - MEDIUM | 2023-11-02 | 2023-11-09 |
| CVE-2023-38470 json | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. | 5.5 - MEDIUM | 2023-11-02 | 2023-11-09 |
| CVE-2023-38469 json | A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. | 5.5 - MEDIUM | 2023-11-02 | 2023-11-09 |
| CVE-2023-1981 json | A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi ... | 5.5 - MEDIUM | 2023-05-26 | 2023-06-02 |
| CVE-2021-36217 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3502. Reason: This candidate is a duplicate of CVE-2021-3... | Not Provided | 2021-07-07 | 2023-11-07 |
| CVE-2021-26720 json | avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon... | 7.8 - HIGH | 2021-02-17 | 2022-12-06 |
| CVE-2021-3502 json | A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a loc... | 5.5 - MEDIUM | 2021-05-07 | 2023-11-07 |
| CVE-2021-3468 json | A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the... | 5.5 - MEDIUM | 2021-06-02 | 2023-06-22 |
| CVE-2017-6519 json | avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are no... | 9.1 - CRITICAL | 2017-05-01 | 2023-11-07 |
| CVE-2011-1002 json | avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loo... | 5 - MEDIUM | 2011-02-22 | 2023-12-22 |
| CVE-2010-2244 json | The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to caus... | 4.3 - MEDIUM | 2010-07-08 | 2011-03-07 |
| CVE-2009-0758 json | The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for t... | Not Provided | 2009-03-03 | 2026-04-23 |
| CVE-2008-5081 json | The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows ... | Not Provided | 2008-12-17 | 2026-04-23 |
| CVE-2007-3372 json | The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, w... | Not Provided | 2007-06-22 | 2026-04-23 |
| CVE-2006-6870 json | The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (... | Not Provided | 2006-12-31 | 2026-04-23 |
| CVE-2006-5461 json | Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead ... | Not Provided | 2006-11-14 | 2026-04-23 |
| CVE-2006-2289 json | Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors. | Not Provided | 2006-05-10 | 2025-04-03 |
Known software with vulnerabilities from Avahi
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Avahi | Avahi | 0.1 |