Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns authoritative vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2020-24696
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG si...
Powerdns Authoritative
6.8
CVSSv2
CVE-2020-24698
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS...
Powerdns Authoritative
5
CVSSv2
CVE-2016-5426
PowerDNS (aka pdns) Authoritative Server prior to 3.4.10 allows remote malicious users to cause a denial of service (backend CPU consumption) via a long qname.
Powerdns Authoritative
5
CVSSv2
CVE-2016-5427
PowerDNS (aka pdns) Authoritative Server prior to 3.4.10 does not properly handle a . (dot) inside labels, which allows remote malicious users to cause a denial of service (backend CPU consumption) via a crafted DNS query.
Powerdns Authoritative
5.5
CVSSv2
CVE-2017-15091
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via...
Powerdns Authoritative
1 Article
4
CVSSv2
CVE-2019-10163
A Vulnerability has been found in PowerDNS Authoritative Server prior to 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers co...
Powerdns Authoritative 4.1.0
Powerdns Authoritative
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
5
CVSSv2
CVE-2021-36754
PowerDNS Authoritative Server 4.5.0 prior to 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
Powerdns Authoritative Server
7.8
CVSSv2
CVE-2016-7068
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 3.7.4 and 4.0.4, allowing a remote, unauthenticated malicious user to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a part...
Powerdns Authoritative
Powerdns Recursor
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2016-7073
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and f...
Powerdns Recursor
Powerdns Authoritative
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2016-7074
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record i...
Powerdns Authoritative
Powerdns Recursor
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »