Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authoritative vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-7073
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and f...
Powerdns Recursor
Powerdns Authoritative
Debian Debian Linux 8.0
383
VMScore
CVE-2016-7074
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record i...
Powerdns Authoritative
Powerdns Recursor
Debian Debian Linux 8.0
578
VMScore
CVE-2019-3871
A vulnerability was found in PowerDNS Authoritative Server prior to 4.0.7 and prior to 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denia...
Powerdns Authoritative Server
Fedoraproject Fedora 28
Fedoraproject Fedora 29
632
VMScore
CVE-2016-6172
PowerDNS (aka pdns) Authoritative Server prior to 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Powerdns Authoritative Server
445
VMScore
CVE-2015-5230
The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x prior to 3.4.6 allows remote malicious users to cause a denial of service (crash) via crafted query packets.
Powerdns Authoritative
Debian Debian Linux 8.0
Debian Debian Linux 9.0
383
VMScore
CVE-2022-27227
In PowerDNS Authoritative Server prior to 4.4.3, 4.5.x prior to 4.5.4, and 4.6.x prior to 4.6.1 and PowerDNS Recursor prior to 4.4.8, 4.5.x prior to 4.5.8, and 4.6.x prior to 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as...
Powerdns Recursor
Powerdns Authoritative Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2023-26437
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: up to and including 4.6.5, up to and including 4.7.4 , up to and including 4.8.3.
Powerdns Recursor
445
VMScore
CVE-2020-10995
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack u...
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
NA
CVE-2023-32302
Rejected reason: Authoritative user requested CVE rejection https://github.com/github/advisory-database/pull/2575#issuecomment-1745811653
NA
CVE-2023-6323
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an malicious user to impersonate an authoritative server.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »