Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-1271
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and previous versions uses mailx as the default mailer, which allows remote malicious users to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
Perl-mailtools Perl-mailtools 1.40
Perl-mailtools Perl-mailtools 1.42
Perl-mailtools Perl-mailtools 1.13
Perl-mailtools Perl-mailtools 1.1401
Perl-mailtools Perl-mailtools 1.15
Perl-mailtools Perl-mailtools 1.44
Perl-mailtools Perl-mailtools 1.47
446
VMScore
CVE-2017-12837
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 prior to 5.24.3-RC1 and 5.26.x prior to 5.26.1-RC1 allows remote malicious users to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-ins...
Perl Perl 5.26.0
Perl Perl
571
VMScore
CVE-2017-12883
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 prior to 5.24.3-RC1 and 5.26.x prior to 5.26.1-RC1 allows remote malicious users to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an inva...
Perl Perl 5.26.0
Perl Perl
668
VMScore
CVE-2017-12814
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl prior to 5.24.3-RC1 and 5.26.x prior to 5.26.1-RC1 on Windows allows malicious users to execute arbitrary code via a long environment variable.
Perl Perl
Perl Perl 5.26.0
409
VMScore
CVE-2005-3962
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows malicious users to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a...
Perl Perl 5.8.6
Perl Perl 5.9.2
505
VMScore
CVE-2011-0761
Perl 5.10.x allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) tell...
Perl Perl 5.10.1
Perl Perl 5.10.0
1 EDB exploit
641
VMScore
CVE-2005-4278
Untrusted search path vulnerability in Perl prior to 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Larry Wall Perl 5.4
Larry Wall Perl 5.4.5
Larry Wall Perl 5.8.4.1
Larry Wall Perl 5.8.4.2
Larry Wall Perl 5.3
Larry Wall Perl 5.8.3
Larry Wall Perl 5.8.4
Larry Wall Perl
Larry Wall Perl 5.5
Larry Wall Perl 5.5.3
Larry Wall Perl 5.6.1
Larry Wall Perl 5.8.4.2.3
Larry Wall Perl 5.8.4.3
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.4.4
Larry Wall Perl 5.8.4.5
668
VMScore
CVE-2007-5116
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent malicious users to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
Larry Wall Perl 5.8.4.1
Larry Wall Perl 5.8.4.2
Openpkg Openpkg Current
Redhat Enterprise Linux 1.0
Larry Wall Perl 5.8.4.2.3
Larry Wall Perl 5.8.4.3
Larry Wall Perl 5.8.3
Larry Wall Perl 5.8.4
Larry Wall Perl 5.8.6
Mandrakesoft Mandrake Multi Network Firewall 2.0
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.4.4
Larry Wall Perl 5.8.4.5
383
VMScore
CVE-2011-0633
The Net::HTTPS module in libwww-perl (LWP) prior to 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remot...
Gisle Aas Libwww-perl 5.823
Gisle Aas Libwww-perl 5.822
Gisle Aas Libwww-perl 5.821
Gisle Aas Libwww-perl 5.820
Gisle Aas Libwww-perl 5.819
Gisle Aas Libwww-perl 5.805
Gisle Aas Libwww-perl 5.804
Gisle Aas Libwww-perl 5.803
Gisle Aas Libwww-perl 5.802
Gisle Aas Libwww-perl 5.68
Gisle Aas Libwww-perl 5.67
Gisle Aas Libwww-perl 5.66
Gisle Aas Libwww-perl 5.65
Gisle Aas Libwww-perl 5.53
Gisle Aas Libwww-perl 5.52
Gisle Aas Libwww-perl 5.51
Gisle Aas Libwww-perl 5.50
Gisle Aas Libwww-perl 5.34
Gisle Aas Libwww-perl 5.33
Gisle Aas Libwww-perl 5.32
Gisle Aas Libwww-perl 5.31
Gisle Aas Libwww-perl 5.13
445
VMScore
CVE-2002-2131
Directory traversal vulnerability in Perl-HTTPd prior to 1.0.2 allows remote malicious users to view arbitrary files via a .. (dot dot) in an unknown argument.
Perl-httpd Perl-httpd 1.0
Perl-httpd Perl-httpd 1.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »