Vulnerabilities > Powerdns > Recursor > 4.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-04 | CVE-2023-26437 | Unspecified vulnerability in Powerdns Recursor Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3. | 5.3 |
| 2022-03-25 | CVE-2022-27227 | In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. | 7.5 |
| 2020-10-16 | CVE-2020-25829 | An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. | 7.5 |
| 2020-07-01 | CVE-2020-14196 | Incorrect Authorization vulnerability in Powerdns Recursor In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced. | 5.3 |
| 2018-12-03 | CVE-2018-16855 | Out-of-bounds Read vulnerability in Powerdns Recursor An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash. | 7.5 |
| 2018-11-29 | CVE-2018-14626 | Unspecified vulnerability in Powerdns Authoritative and Recursor PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service. | 7.5 |
| 2018-11-29 | CVE-2018-10851 | Missing Release of Resource after Effective Lifetime vulnerability in Powerdns Authoritative and Recursor PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. | 7.5 |
| 2018-11-09 | CVE-2018-14644 | Improper Input Validation vulnerability in Powerdns Recursor An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. | 5.9 |
| 2018-09-11 | CVE-2016-7074 | Improper Input Validation vulnerability in multiple products An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. | 5.9 |
| 2018-09-11 | CVE-2016-7073 | Improper Input Validation vulnerability in multiple products An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. | 5.9 |