CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-27227 – Ubuntu Security Notice USN-7203-1
https://notcve.org/view.php?id=CVE-2022-27227
25 Mar 2022 — In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. En PowerDNS Authoritative Server versiones anteriores a 4.4.3, versiones 4.5.x anteriores a 4.5.4 y versiones4.6.x anteriores a 4.6.1 y PowerDNS Recursor versiones anteriores a 4.4.8, versiones 4.5.x anteriores a 4.5.8 y ... • http://www.openwall.com/lists/oss-security/2022/03/25/1 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10203
https://notcve.org/view.php?id=CVE-2019-10203
22 Nov 2019 — PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. Daemon autorizado de PowerDNS, pdns versiones 4.0.x anteriores a la versión 4.0.9, 4.1.x anteriores a 4.1.11, que se cierra cuando se encuentra una serie entre 2 ^ 31 y 2 ^ 32-1 al intentar notificar a un esclavo que conduce a DoS. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10203 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 2CVE-2019-3871 – Debian Security Advisory 4424-1
https://notcve.org/view.php?id=CVE-2019-3871
21 Mar 2019 — A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response Se ha descubierto... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00022.html • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6172
https://notcve.org/view.php?id=CVE-2016-6172
26 Sep 2016 — PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. PowerDNS (también conocido como pdns) Authoritative Server en versiones anteriores a 4.0.1 permite a servidores DNS primarios remotos provocar una denegación de servicio (agotamiento de memoria y caída del servidor DNS secundario) a través de una gran respuesta (1) AXFR o (2) IXFR. • http://lists.opensuse.org/opensuse-updates/2016-08/msg00085.html • CWE-400: Uncontrolled Resource Consumption •