Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is...
Perl File\\ \\
NA
CVE-2008-5303
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related...
Perl File\\ \\
5.3
CVSSv3
CVE-2013-7491
An issue exists in the DBI module prior to 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.
Perl Dbi
6.1
CVSSv3
CVE-2014-10401
An issue exists in the DBI module prior to 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
Perl Dbi
6.1
CVSSv3
CVE-2014-10402
An issue exists in the DBI module up to and including 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
Perl Dbi
NA
CVE-2005-1349
Buffer overflow in Convert-UUlib (Convert::UUlib) prior to 1.051 allows remote malicious users to execute arbitrary code via a malformed parameter to a read operation.
Perl Convert Uulib
1 EDB exploit
9.8
CVSSv3
CVE-2019-1010263
Perl Crypt::JWT before 0.023 is affected by: Incorrect Access Control. The impact is: allow malicious users to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is:...
Perl Crypt\\ \\ Jwt Project
NA
CVE-2003-0900
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for malicious users to predict random numbers.
Larry Wall Perl 5.8.1
NA
CVE-2003-1365
The escape_dangerous_chars function in CGI::Lite 2.0 and previous versions does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which cou...
Perl Cgi Lite 2.0
NA
CVE-2005-0155
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
Larry Wall Perl 5.8.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »