Vulnerabilities > Powerdns > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2017-15120 NULL Pointer Dereference vulnerability in multiple products
An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN.
network
low complexity
powerdns debian CWE-476
7.5
2018-07-16 CVE-2018-1046 Out-of-bounds Write vulnerability in PowerDNS Pdns
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay.
local
low complexity
powerdns CWE-787
7.8
2018-01-23 CVE-2017-15091 Improperly Implemented Security Check for Standard vulnerability in PowerDNS Authoritative
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword.
network
low complexity
powerdns CWE-358
7.1
2017-08-22 CVE-2017-7557 Cross-Site Request Forgery (CSRF) vulnerability in PowerDNS Dnsdist 1.1.0
dnsdist version 1.1.0 is vulnerable to a flaw in the authentication mechanism for the REST API, potentially allowing a CSRF attack.
network
low complexity
powerdns CWE-352
8.8
2016-09-21 CVE-2016-5427 Resource Management Errors vulnerability in PowerDNS Authoritative
PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a .
network
low complexity
powerdns CWE-399
7.5
2016-09-21 CVE-2016-5426 Resource Management Errors vulnerability in PowerDNS Authoritative
PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.
network
low complexity
powerdns CWE-399
7.5