Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-5426
PowerDNS (aka pdns) Authoritative Server prior to 3.4.10 allows remote malicious users to cause a denial of service (backend CPU consumption) via a long qname.
Powerdns Authoritative
4
CVSSv2
CVE-2019-10203
PowerDNS Authoritative daemon , pdns versions 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.
Powerdns Authoritative Server
4.3
CVSSv2
CVE-2020-14196
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
Powerdns Recursor
6.8
CVSSv2
CVE-2019-3806
An issue has been found in PowerDNS Recursor versions after 4.1.3 prior to 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.
Powerdns Recursor
5.5
CVSSv2
CVE-2017-15091
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via...
Powerdns Authoritative
1 Article
4.3
CVSSv2
CVE-2017-15094
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than of...
Powerdns Recursor
1 Article
5
CVSSv2
CVE-2016-7069
An issue has been found in dnsdist prior to 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding...
Powerdns Dnsdist
9.3
CVSSv2
CVE-2018-1046
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. T...
Powerdns Pdns
5
CVSSv2
CVE-2016-5427
PowerDNS (aka pdns) Authoritative Server prior to 3.4.10 does not properly handle a . (dot) inside labels, which allows remote malicious users to cause a denial of service (backend CPU consumption) via a crafted DNS query.
Powerdns Authoritative
5
CVSSv2
CVE-2018-16855
An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
Powerdns Recursor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »