Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl perl vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-2131
Directory traversal vulnerability in Perl-HTTPd prior to 1.0.2 allows remote malicious users to view arbitrary files via a .. (dot dot) in an unknown argument.
Perl-httpd Perl-httpd 1.0.1
Perl-httpd Perl-httpd 1.0
7.5
CVSSv2
CVE-2007-5116
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent malicious users to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.3
Larry Wall Perl 5.8.4
Larry Wall Perl 5.8.4.1
Larry Wall Perl 5.8.4.2
Larry Wall Perl 5.8.4.2.3
Larry Wall Perl 5.8.4.3
Larry Wall Perl 5.8.4.4
Larry Wall Perl 5.8.4.5
Larry Wall Perl 5.8.6
Mandrakesoft Mandrake Multi Network Firewall 2.0
Openpkg Openpkg Current
Redhat Enterprise Linux 1.0
2.1
CVSSv2
CVE-2004-0976
Multiple scripts in the perl package in Trustix Secure Linux 1.5 up to and including 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Larry Wall Perl 5.6
Larry Wall Perl 5.8.0
Larry Wall Perl 5.6.1
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.3
NA
CVE-2023-47039
A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell (`cmd.exe`). When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute `cmd.exe` within...
Perl Perl
NA
CVE-2023-47100
In Perl prior to 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.
Perl Perl
2.1
CVSSv2
CVE-1999-1386
Perl 5.004_04 and previous versions follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
Perl Perl
7.2
CVSSv2
CVE-2000-0703
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that ...
Larry Wall Perl 5.6
Larry Wall Perl 5.5
Larry Wall Perl 5.5.3
Larry Wall Perl 5.4.5
2 EDB exploits
1.2
CVSSv2
CVE-2005-0448
Race condition in the rmtree function in File::Path.pm in Perl prior to 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.4
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.3
4.6
CVSSv2
CVE-2008-2827
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Perl Perl 5.10
1 EDB exploit
5
CVSSv2
CVE-2009-3626
Perl 5.10.1 allows context-dependent malicious users to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.
Perl Perl 5.10.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »