Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0900
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for malicious users to predict random numbers.
Larry Wall Perl 5.8.1
NA
CVE-2013-7329
The CGI::Application module prior to 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote malicious users to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.
Perl Cgi Application Module
NA
CVE-2004-0377
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl prior to 5.8.3 allows local or remote malicious users to execute arbitrary commands via filenames that end in a backslash character.
Activestate Activeperl
Larry Wall Perl
NA
CVE-2008-4997
dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage.
Pilot-qof Datafreedom-perl 0.1.7
NA
CVE-2005-4536
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Debian Libmail-audit-perl 2.1-5
NA
CVE-2003-0618
Multiple vulnerabilities in suidperl 5.6.1 and previous versions allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
Perl Suidperl
Debian Debian Linux 3.0
NA
CVE-2015-8381
The compile_regex function in pcre_compile.c in PCRE prior to 8.38 and pcre2_compile.c in PCRE2 prior to 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'...
Pcre Perl Compatible Regular Expression Library
5.3
CVSSv3
CVE-2013-7490
An issue exists in the DBI module prior to 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
Perl Dbi
Canonical Ubuntu Linux 14.04
NA
CVE-2015-8382
The match function in pcre_exec.c in PCRE prior to 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote malicious users to obtain sensitive information from process mem...
Pcre Perl Compatible Regular Expression Library 8.36
NA
CVE-2005-2854
CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote malicious users to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers.
Thesitewizard.com Chfeedback.pl Feedback Form Perl Script 2.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »