Filtered by vendor Powerdns
Total: 106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4252 | 1 Powerdns | 1 Recursor | 2026-04-23 | 5.0 MEDIUM | N/A |
| PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource exhaustion and application crash) via a CNAME record with a zero TTL, which triggers an infinite loop. | |||||
| CVE-2008-5277 | 1 Powerdns | 1 Powerdns | 2026-04-23 | 4.3 MEDIUM | N/A |
| PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query. | |||||
| CVE-2009-4009 | 1 Powerdns | 1 Recursor | 2026-04-23 | 10.0 HIGH | N/A |
| Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets. | |||||
| CVE-2009-4010 | 1 Powerdns | 1 Recursor | 2026-04-23 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. | |||||
| CVE-2006-4251 | 1 Powerdns | 1 Recursor | 2026-04-23 | 7.5 HIGH | N/A |
| Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length. | |||||
| CVE-2008-3337 | 1 Powerdns | 2 Authoritative Server, Powerdns | 2026-04-23 | 6.4 MEDIUM | N/A |
| PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217. | |||||
| CVE-2025-59024 | 1 Powerdns | 1 Recursor | 2026-04-20 | N/A | 6.5 MEDIUM |
| Crafted delegations or IP fragments can poison cached delegations in Recursor. | |||||
| CVE-2025-59023 | 1 Powerdns | 1 Recursor | 2026-04-20 | N/A | 8.2 HIGH |
| Crafted delegations or IP fragments can poison cached delegations in Recursor. | |||||
| CVE-2026-0398 | 1 Powerdns | 1 Recursor | 2026-04-20 | N/A | 5.3 MEDIUM |
| Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor. | |||||
| CVE-2026-24027 | 1 Powerdns | 1 Recursor | 2026-04-20 | N/A | 5.3 MEDIUM |
| Crafted zones can lead to increased incoming network traffic. | |||||
| CVE-2005-0428 | 1 Powerdns | 1 Powerdns | 2026-04-16 | 5.0 MEDIUM | N/A |
| The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes. | |||||
| CVE-2005-0038 | 1 Powerdns | 1 Powerdns | 2026-04-16 | 5.0 MEDIUM | N/A |
| The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. | |||||
| CVE-2005-2302 | 1 Powerdns | 1 Powerdns | 2026-04-16 | 2.1 LOW | N/A |
| PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion. | |||||
| CVE-2006-2069 | 1 Powerdns | 1 Powerdns | 2026-04-16 | 5.0 MEDIUM | N/A |
| The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets. | |||||
| CVE-2005-2301 | 1 Powerdns | 1 Powerdns | 2026-04-16 | 5.0 MEDIUM | N/A |
| PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer LDAP questions) and possibly conduct an LDAP injection attack. | |||||
| CVE-2026-0397 | 1 Powerdns | 1 Dnsdist | 2026-04-14 | N/A | 3.1 LOW |
| When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged in to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard. The root cause of the issue is a misconfiguration of the Cross-Origin Resource Sharing (CORS) policy. | |||||
| CVE-2026-24028 | 1 Powerdns | 1 Dnsdist | 2026-04-14 | N/A | 5.3 MEDIUM |
| An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential information disclosure. | |||||
| CVE-2026-24029 | 1 Powerdns | 1 Dnsdist | 2026-04-14 | N/A | 6.5 MEDIUM |
| When the early_acl_drop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS over HTTPS frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL. | |||||
| CVE-2026-24030 | 1 Powerdns | 1 Dnsdist | 2026-04-14 | N/A | 5.3 MEDIUM |
| An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly closed, but in some cases the system might enter an out-of-memory state instead and terminate the process. | |||||
| CVE-2026-27853 | 1 Powerdns | 1 Dnsdist | 2026-04-14 | N/A | 5.9 MEDIUM |
| An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service. | |||||
