Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns authoritative vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-26437
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: up to and including 4.6.5, up to and including 4.7.4 , up to and including 4.8.3.
Powerdns Recursor
7.5
CVSSv3
CVE-2022-27227
In PowerDNS Authoritative Server prior to 4.4.3, 4.5.x prior to 4.5.4, and 4.6.x prior to 4.6.1 and PowerDNS Recursor prior to 4.4.8, 4.5.x prior to 4.5.8, and 4.6.x prior to 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as...
Powerdns Recursor
Powerdns Authoritative Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2021-36754
PowerDNS Authoritative Server 4.5.0 prior to 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
Powerdns Authoritative Server
8.1
CVSSv3
CVE-2020-24696
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG si...
Powerdns Authoritative
7.5
CVSSv3
CVE-2020-24697
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.
Powerdns Authoritative
4.3
CVSSv3
CVE-2020-17482
An issue has been found in PowerDNS Authoritative Server prior to 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.
Powerdns Authoritative
9.8
CVSSv3
CVE-2020-24698
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS...
Powerdns Authoritative
7.5
CVSSv3
CVE-2020-10995
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack u...
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2020-12244
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2015-5230
The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x prior to 3.4.6 allows remote malicious users to cause a denial of service (crash) via crafted query packets.
Powerdns Authoritative
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »