Skip to main content

Authoritative Server

6 CVEs product

Monthly

CVE-2022-27227 HIGH PATCH This Week

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Authoritative Server Recursor Fedora
NVD
CVSS 3.1
7.5
EPSS
4.9%
CVE-2021-36754 HIGH POC THREAT This Week

PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Authoritative Server
NVD
CVSS 3.1
7.5
EPSS
64.9%
CVE-2019-10203 MEDIUM This Month

PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authoritative Server
NVD
CVSS 3.1
4.3
EPSS
1.6%
CVE-2019-3871 HIGH POC THREAT This Week

A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Authoritative Server Fedora
NVD
CVSS 3.0
8.8
EPSS
12.6%
CVE-2016-6172 MEDIUM PATCH This Month

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Leap Opensuse Authoritative Server
NVD GitHub
CVSS 3.0
6.8
EPSS
0.0%
CVE-2012-0206 MEDIUM PATCH This Month

common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authoritative Server
NVD
CVSS 2.0
5.0
EPSS
0.0%
EPSS 5% CVSS 7.5
HIGH PATCH This Week

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Authoritative Server Recursor +1
NVD
EPSS 65% CVSS 7.5
HIGH POC THREAT This Week

PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Authoritative Server
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authoritative Server
NVD
EPSS 13% CVSS 8.8
HIGH POC THREAT This Week

A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Authoritative Server +1
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Leap Opensuse +1
NVD GitHub
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Authoritative Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy