Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns powerdns vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2017-15091
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via...
Powerdns Authoritative
1 Article
5.3
CVSSv3
CVE-2017-15093
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to conf...
Powerdns Recursor
1 Article
7.8
CVSSv3
CVE-2018-1046
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. T...
Powerdns Pdns
5.9
CVSSv3
CVE-2018-14644
An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authori...
Powerdns Recursor
5.9
CVSSv3
CVE-2018-14663
An issue has been found in PowerDNS DNSDist prior to 1.3.3 allowing a remote malicious user to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet, might result in the trailing data being smu...
Powerdns Dnsdist
8.8
CVSSv3
CVE-2020-10030
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems wh...
Powerdns Recursor
7.5
CVSSv3
CVE-2018-16855
An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
Powerdns Recursor
7.5
CVSSv3
CVE-2016-7069
An issue has been found in dnsdist prior to 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding...
Powerdns Dnsdist
4.3
CVSSv3
CVE-2019-10203
PowerDNS Authoritative daemon , pdns versions 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.
Powerdns Authoritative Server
5.3
CVSSv3
CVE-2020-14196
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
Powerdns Recursor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »