Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
recursor vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-16855
An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
Powerdns Recursor
383
VMScore
CVE-2018-14644
An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authori...
Powerdns Recursor
570
VMScore
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x prior to 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
312
VMScore
CVE-2017-15093
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to conf...
Powerdns Recursor
1 Article
NA
CVE-2023-26437
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: up to and including 4.6.5, up to and including 4.7.4 , up to and including 4.8.3.
Powerdns Recursor
383
VMScore
CVE-2017-15094
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than of...
Powerdns Recursor
1 Article
605
VMScore
CVE-2019-3806
An issue has been found in PowerDNS Recursor versions after 4.1.3 prior to 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.
Powerdns Recursor
383
VMScore
CVE-2020-14196
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
Powerdns Recursor
605
VMScore
CVE-2008-1637
PowerDNS Recursor prior to 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UDP source port numbers, which makes it easier for remote malicious users to poison a DNS cache, related to (a) algorithmic deficiencies in rand and random functions in external li...
Powerdns Recursor
383
VMScore
CVE-2018-1000003
Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
Powerdns Recursor 4.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »