Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl perl vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-47039
A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell (`cmd.exe`). When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute `cmd.exe` within...
Perl Perl
7.8
CVSSv3
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue...
Jmcnamara Spreadsheet\\ \\
Debian Debian Linux 10.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
7.8
CVSSv3
CVE-2023-47038
A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
Perl Perl 5.34.0
1 Github repository
7.8
CVSSv3
CVE-2022-30688
needrestart 0.8 up to and including 3.5 prior to 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old sou...
Needrestart Project Needrestart
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2020-16156
CPAN 2.28 allows Signature Verification Bypass.
Perl Comprehensive Perl Archive Network 2.28
Fedoraproject Fedora 34
Fedoraproject Fedora 35
7.8
CVSSv3
CVE-2020-16154
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
App\\ \\ Cpanminus Project
Fedoraproject Fedora 35
7.8
CVSSv3
CVE-2021-36770
Encode.pm, as distributed in Perl up to and including 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain ...
P5-encode Project P5-encode
Fedoraproject Fedora 34
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
Exiftool Project Exiftool
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
28 Github repositories
7.8
CVSSv3
CVE-2019-20327
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software up to and including 19.10 allow local malicious users to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)
Centreon Centreon
7.8
CVSSv3
CVE-2015-2325
The compile_branch function in PCRE prior to 8.37 allows context-dependent malicious users to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forwar...
Pcre Pcre
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mariadb Mariadb
Php Php
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »