Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2015-7686
Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and previous versions for Perl allows remote malicious users to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthe...
Email-address Project Email-address
7.8
CVSSv2
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
22 Github repositories
7.8
CVSSv2
CVE-2007-2459
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 up to and including 0.56 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP file...
Tony Cook Imager 0.44 1
Tony Cook Imager 0.45
Tony Cook Imager 0.52
Tony Cook Imager 0.53
Tony Cook Imager 0.44
Tony Cook Imager 0.50
Tony Cook Imager 0.51
Tony Cook Imager 0.45 2
Tony Cook Imager 0.46
Tony Cook Imager 0.47
Tony Cook Imager 0.54
Tony Cook Imager 0.55
Tony Cook Imager 0.48
Tony Cook Imager 0.49
Tony Cook Imager 0.56
7.8
CVSSv2
CVE-2005-4261
Unspecified vulnerability in Positive Software Corporation CP+ (cpplus) prior to 2.5.5 allows malicious users to have unknown impact and attack vectors, related to "a possible security flaw caused by a bug in Perl." NOTE: unless CP+ includes its own copy of Perl with CV...
Positive Software Cp\\+ 2.5.3
Positive Software Cp\\+ 2.5.4
Positive Software Cp\\+ 2.5.1
Positive Software Cp\\+ 2.5.2
Positive Software Cp\\+ 2.5.5
Positive Software Cp\\+ 2.5
7.6
CVSSv2
CVE-2006-0476
Buffer overflow in Nullsoft Winamp 5.12 allows remote malicious users to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
Nullsoft Winamp 5.12
4 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2020-10878
Perl prior to 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Perl Perl
Fedoraproject Fedora 31
Opensuse Leap 15.1
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Sd-wan Aware 8.2
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Billing And Revenue Management 12.0.0.2.0
Oracle Communications Diameter Signaling Router
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Tekelec Platform Distribution
Oracle Communications Eagle Lnp Application Processor 46.7
Oracle Communications Eagle Lnp Application Processor 46.8
Oracle Communications Eagle Lnp Application Processor 46.9
Oracle Communications Lsms
Oracle Configuration Manager 12.1.2.0.8
Oracle Communications Eagle Application Processor
Oracle Sd-wan Aware 9.1
6 Github repositories
7.5
CVSSv2
CVE-2020-10674
PerlSpeak up to and including 2.01 allows malicious users to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
Perlspeak Project Perlspeak
7.5
CVSSv2
CVE-2013-1437
Eval injection vulnerability in the Module-Metadata module prior to 1.000015 for Perl allows remote malicious users to execute arbitrary Perl code via the $Version value.
Module-metadata Project Module-metadata
Fedoraproject Fedora 18
Fedoraproject Fedora 19
7.5
CVSSv2
CVE-2010-3438
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect fro...
Libpoe-component-irc-perl Project Libpoe-component-irc-perl
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 12
Fedoraproject Fedora 13
7.5
CVSSv2
CVE-2019-1010161
perl-CRYPT-JWT 0.022 and previous versions is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypa...
Perl-crypt-jwt Project Perl-crypt-jwt
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »