Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-1010263
Perl Crypt::JWT before 0.023 is affected by: Incorrect Access Control. The impact is: allow malicious users to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is:...
Perl Crypt\\ \\ Jwt Project
7.5
CVSSv2
CVE-2018-9246
The PGObject::Util::DBAdmin module prior to 0.120.0 for Perl, as used in LedgerSMB up to and including 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or ...
Pgobject-util-dbadmin Project Pgobject-util-dbadmin
Ledgersmb Ledgersmb
7.5
CVSSv2
CVE-2018-6913
Heap-based buffer overflow in the pack function in Perl prior to 5.26.2 allows context-dependent malicious users to execute arbitrary code via a large item count.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Perl Perl
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
7.5
CVSSv2
CVE-2008-7315
UI-Dialog 1.09 and previous versions allows remote malicious users to execute arbitrary commands.
Cpan Ui\\ \\
7.5
CVSSv2
CVE-2017-12814
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl prior to 5.24.3-RC1 and 5.26.x prior to 5.26.1-RC1 on Windows allows malicious users to execute arbitrary code via a long environment variable.
Perl Perl
Perl Perl 5.26.0
7.5
CVSSv2
CVE-2017-10788
The DBD::mysql module up to and including 4.043 for Perl allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a ne...
Dbd-mysql Project Dbd-mysql
7.5
CVSSv2
CVE-2017-10672
Use-after-free in the XML-LibXML module up to and including 2.0129 for Perl allows remote malicious users to execute arbitrary code by controlling the arguments to a replaceChild call.
Xml-libxml Project Xml-libxml
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2015-8608
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote malicious users to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
Perl Perl 5.22
7.5
CVSSv2
CVE-2015-8607
The canonpath function in the File::Spec module in PathTools prior to 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent malicious users to bypass the taint protection mechanism via a crafted string.
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Perl Pathtools
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2015-8387
PCRE prior to 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote malicious users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegE...
Pcre Perl Compatible Regular Expression Library
Fedoraproject Fedora 22
Php Php
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »