| CVE-2022-27227 |
AVG-2656 |
Low |
Yes |
Denial of service |
A denial of service issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor before 4.6.1. IXFR usually exchanges only the modifications... |
| CVE-2020-25829 |
AVG-1243 |
High |
Yes |
Denial of service |
An issue has been found in PowerDNS Recursor before 4.3.5 where a remote attacker can cause the cached records for a given name to be updated to the ‘Bogus’... |
| CVE-2020-14196 |
AVG-1199 |
Low |
Yes |
Access restriction bypass |
An issue has been found in PowerDNS Recursor before 4.3.2 where the ACL applied to the internal web server via `webserver-allow-from` is not properly... |
| CVE-2020-12244 |
AVG-1163 |
Medium |
Yes |
Insufficient validation |
An issue has been found in PowerDNS Recursor before 4.3.1 and 4.2.2 where records in the answer section of a NXDOMAIN response lacking an SOA were not... |
| CVE-2020-10995 |
AVG-1163 |
Medium |
Yes |
Denial of service |
An issue has been found in PowerDNS Recursor before 4.3.1 and 4.2.2. An issue in the DNS protocol has been found that allow malicious parties to use... |
| CVE-2019-3807 |
AVG-856 |
Medium |
Yes |
Insufficient validation |
An issue has been found in PowerDNS Recursor before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA... |
| CVE-2019-3806 |
AVG-856 |
Low |
Yes |
Access restriction bypass |
An issue has been found in PowerDNS Recursor before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination... |
| CVE-2018-16855 |
AVG-821 |
Medium |
Yes |
Denial of service |
An issue has been found in PowerDNS Recursor versions from 4.1.0 up to and including 4.1.7, where a remote attacker sending a DNS query can trigger an... |
| CVE-2018-14644 |
AVG-805 |
Medium |
Yes |
Denial of service |
An issue has been found in PowerDNS Recursor before 4.1.5 where a remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being... |
| CVE-2018-14626 |
AVG-805 |
Medium |
Yes |
Denial of service |
An issue has been found in PowerDNS Authoritative Server before 4.1.5 and PowerDNS Recursor before 4.1.5, allowing a remote user to craft a DNS query that... |
| CVE-2018-10851 |
AVG-805 |
Medium |
Yes |
Denial of service |
An issue has been found in PowerDNS Authoritative Server before 4.1.5 and PowerDNS Recursor before 4.1.5. The issue is due to the fact that some memory is... |
| CVE-2017-15094 |
AVG-520 |
Medium |
Yes |
Denial of service |
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, during a code audit by Nixu, leading to a... |
| CVE-2017-15093 |
AVG-520 |
Medium |
Yes |
Insufficient validation |
An issue has been found in the API of PowerDNS Recursor < 4.0.7, during a source code audit by Nixu. When 'api-config-dir' is set to a non-empty value,... |
| CVE-2017-15092 |
AVG-520 |
Medium |
Yes |
Cross-site scripting |
An issue has been found in the web interface of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the qname of DNS queries was displayed... |
| CVE-2017-15090 |
AVG-520 |
Medium |
Yes |
Insufficient validation |
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 up to and including 4.0.5, where the signatures might have been... |
| CVE-2016-7074 |
AVG-148 |
Medium |
Yes |
Insufficient validation |
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of... |
| CVE-2016-7073 |
AVG-148 |
Medium |
Yes |
Insufficient validation |
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of... |
| CVE-2016-7068 |
AVG-148 |
Medium |
Yes |
Denial of service |
An issue has been found in PowerDNS allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending... |