Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-47156
The Net::IPAddress::Util module prior to 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2018-25099
In the CryptX module prior to 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.
NA
CVE-2021-47154
The Net::CIDR::Lite module prior to 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2021-47155
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2021-47157
The Kossy module prior to 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling.
NA
CVE-2024-25021
IBM AIX 7.3, VIOS 4.1's Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary commands. IBM X-Force ID: 281320.
NA
CVE-2023-52431
The Plack::Middleware::XSRFBlock package prior to 0.0.19 for Perl allows malicious users to bypass a CSRF protection mechanism via an empty form value and an empty cookie (if signed cookies are disabled).
NA
CVE-2022-48623
The Cpanel::JSON::XS package prior to 4.33 for Perl performs out-of-bounds accesses in a way that allows malicious users to obtain sensitive information or cause a denial of service.
NA
CVE-2023-6078
An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution.
3ds Biovia Materials Studio
NA
CVE-2024-23525
The Spreadsheet::ParseXLSX package prior to 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.
Tozt Spreadsheet
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »