VYPR

Pdns

by PowerDNS

Source repositories

CVEs (20)

  • CVE-2014-7210CriJun 26, 2025
    risk 0.64cvss 9.8epss 0.00

    pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected.

  • CVE-2016-5427HigSep 21, 2016
    risk 0.54cvss 7.5epss 0.63

    PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query.

  • CVE-2016-5426HigSep 21, 2016
    risk 0.51cvss 7.5epss 0.31

    PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.

  • CVE-2026-42001HigMay 21, 2026
    risk 0.49cvss 7.5epss 0.00

    Insufficient Validation of Autoprimary SOA Queries

  • CVE-2025-30192HigJul 21, 2025
    risk 0.49cvss 7.5epss 0.00

    An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and…

  • CVE-2025-30195HigApr 7, 2025
    risk 0.49cvss 7.5epss 0.01

    An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would…

  • CVE-2024-25590HigOct 3, 2024
    risk 0.49cvss 7.5epss 0.01

    An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.

  • CVE-2024-25583HigApr 25, 2024
    risk 0.49cvss 7.5epss 0.01

    A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected.

  • CVE-2015-5230HigJan 15, 2020
    risk 0.49cvss 7.5epss 0.09

    The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets.

  • CVE-2019-10162HigJul 30, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative…

  • CVE-2016-2120HigNov 1, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to…

  • CVE-2026-42000MedMay 21, 2026
    risk 0.44cvss 6.8epss 0.00

    Insufficient Validation of Names During AXFR

  • CVE-2019-3871MedMar 21, 2019
    risk 0.43cvss 6.5epss 0.13

    A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial…

  • CVE-2026-42002MedMay 21, 2026
    risk 0.38cvss 5.9epss 0.00

    Concurrency and locking defects in GSS-TSIG

  • CVE-2026-42396MedMay 21, 2026
    risk 0.32cvss 4.9epss 0.00

    Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail

  • CVE-2026-41999MedMay 21, 2026
    risk 0.31cvss 4.8epss 0.00

    Incorrect Behaviour of Views with TCP PROXY Requests

  • CVE-2020-17482MedOct 2, 2020
    risk 0.28cvss 4.3epss 0.03

    An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.

  • CVE-2019-10203MedNov 22, 2019
    risk 0.28cvss 4.3epss 0.02

    PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.

  • CVE-2019-10163MedJul 30, 2019
    risk 0.28cvss 4.3epss 0.01

    A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only…

  • CVE-2015-5470Nov 2, 2015
    risk 0.01cvss epss 0.11

    The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that…