Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0077
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
Debian Debian Linux 3.0
Gentoo Linux
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Ubuntu Ubuntu Linux 4.10
NA
CVE-2007-1349
PerlRun.pm in Apache mod_perl prior to 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted URI.
Apache Mod Perl
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
Redhat Satellite 5.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 4.5
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 5.0
9.8
CVSSv3
CVE-2011-2767
mod_perl 2.0 up to and including 2.0.10 allows malicious users to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP...
Apache Mod Perl
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux 6.7
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux 7.3
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.6
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
NA
CVE-2007-4829
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and previous versions allows user-assisted remote malicious users to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
Archive\\ \\ Tar Project
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
5.9
CVSSv3
CVE-2017-6512
Race condition in the rmtree and remove_tree functions in the File-Path module prior to 2.13 for Perl allows malicious users to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
File\\ \\ Path Project
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2010-1168
The Safe (aka Safe.pm) module prior to 2.25 for Perl allows context-dependent malicious users to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed ob...
Rafael Garcia-suarez Safe 2.08
Rafael Garcia-suarez Safe 2.17
Rafael Garcia-suarez Safe 2.18
Rafael Garcia-suarez Safe 2.15
Rafael Garcia-suarez Safe 2.16
Rafael Garcia-suarez Safe 2.23
Rafael Garcia-suarez Safe 2.24
Rafael Garcia-suarez Safe 2.13
Rafael Garcia-suarez Safe 2.14
Rafael Garcia-suarez Safe 2.21
Rafael Garcia-suarez Safe 2.22
Rafael Garcia-suarez Safe 2.09
Rafael Garcia-suarez Safe 2.11
Rafael Garcia-suarez Safe 2.19
Rafael Garcia-suarez Safe 2.20
9.8
CVSSv3
CVE-2014-9906
Use-after-free vulnerability in DBD::mysql prior to 4.029 allows malicious users to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
Debian Debian Linux 8.0
Dbd-mysql Project Dbd-mysql
7.5
CVSSv3
CVE-2023-24038
The HTML-StripScripts module up to and including 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes.
Html-stripscripts Project Html-stripscripts
Debian Debian Linux 10.0
NA
CVE-2009-0663
Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent malicious users to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.
Cmu Dbd\\ \\
NA
CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl prior to 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
Ubuntu Ubuntu Linux 5.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »