Recursor@* Security Vulnerabilities and Issues — Recursor@* CVE List

Lucene search

PowerdnsRecursor*

8 matches found

CVE•added 2022/03/25 3:15 p.m.•316 views

CVE-2022-27227

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

7.5CVSS7.3AI score0.00109EPSS

CVE•added 2020/10/16 6:15 a.m.•238 views

CVE-2020-25829

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results ...

7.5CVSS7.1AI score0.00348EPSS

CVE•added 2018/09/11 1:29 p.m.•226 views

CVE-2016-7068

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the ...

7.8CVSS7AI score0.00085EPSS

CVE•added 2018/07/27 3:29 p.m.•120 views

CVE-2017-15120

An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service.

7.5CVSS7.3AI score0.00396EPSS

CVE•added 2018/09/11 1:29 p.m.•108 views

CVE-2016-7073

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found i...

5.9CVSS6.1AI score0.00006EPSS

CVE•added 2018/09/11 1:29 p.m.•106 views

CVE-2016-7074

5.9CVSS6.2AI score0.00004EPSS

CVE•added 2023/04/04 3:15 p.m.•94 views

CVE-2023-26437

Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.

5.3CVSS4.7AI score0.00005EPSS

CVE•added 2018/12/03 2:29 p.m.•88 views

CVE-2018-16855

An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.

7.5CVSS7.3AI score0.19834EPSS