Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31486
HTTP::Tiny prior to 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Http\\ \\ Tiny Project
Perl Perl
570
VMScore
CVE-2015-3406
The PGP signature parsing in Module::Signature prior to 0.74 allows remote malicious users to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
445
VMScore
CVE-2015-3407
Module::Signature prior to 0.74 allows remote malicious users to bypass signature verification for files via a signature file that does not list the files.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
Module-signature Project Module-signature
890
VMScore
CVE-2015-3408
Module::Signature prior to 0.74 allows remote malicious users to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
641
VMScore
CVE-2015-3409
Untrusted search path vulnerability in Module::Signature prior to 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
760
VMScore
CVE-2012-6329
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl prior to 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent malicious users to execute arbitrary co...
Perl Perl 5.16.0
Perl Perl 5.14.3
Perl Perl 5.14.0
Perl Perl 5.13.2
Perl Perl 5.10.0
Perl Perl 5.12.0
Perl Perl 5.11.4
Perl Perl 5.11.2
Perl Perl 5.11.3
Perl Perl 5.12.3
Perl Perl
Perl Perl 5.16.1
Perl Perl 5.14.1
Perl Perl 5.13.0
Perl Perl 5.13.3
Perl Perl 5.11.0
Perl Perl 5.10
Perl Perl 5.12.1
Perl Perl 5.12.2
Perl Perl 5.10.1
Perl Perl 5.13.5
Perl Perl 5.13.4
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2