Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-7068
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 3.7.4 and 4.0.4, allowing a remote, unauthenticated malicious user to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a part...
Powerdns Authoritative
Powerdns Recursor
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2016-7073
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and f...
Powerdns Recursor
Powerdns Authoritative
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2016-7074
An issue has been found in PowerDNS prior to 3.4.11 and 4.0.2, and PowerDNS recursor prior to 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record i...
Powerdns Authoritative
Powerdns Recursor
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2019-10162
A vulnerability has been found in PowerDNS Authoritative Server prior to 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will ...
Powerdns Authoritative 4.0.0
Powerdns Authoritative
Opensuse Leap 15.0
Opensuse Leap 15.1
8.1
CVSSv3
CVE-2020-24696
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG si...
Powerdns Authoritative
5.3
CVSSv3
CVE-2023-26437
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: up to and including 4.6.5, up to and including 4.7.4 , up to and including 4.8.3.
Powerdns Recursor
7.5
CVSSv3
CVE-2020-24697
An issue exists in PowerDNS Authoritative up to and including 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.
Powerdns Authoritative
7.8
CVSSv3
CVE-2018-1046
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. T...
Powerdns Pdns
5.9
CVSSv3
CVE-2017-15090
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in ...
Powerdns Recursor
1 Article
7.1
CVSSv3
CVE-2017-15091
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via...
Powerdns Authoritative
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »