Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0900
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for malicious users to predict random numbers.
Larry Wall Perl 5.8.1
NA
CVE-2005-0155
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
Larry Wall Perl 5.8.0
1 EDB exploit
9.8
CVSSv3
CVE-2019-1010263
Perl Crypt::JWT before 0.023 is affected by: Incorrect Access Control. The impact is: allow malicious users to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is:...
Perl Crypt Jwt Project
NA
CVE-2004-0377
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl prior to 5.8.3 allows local or remote malicious users to execute arbitrary commands via filenames that end in a backslash character.
Activestate Activeperl
Larry Wall Perl
NA
CVE-2008-4997
dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage.
Pilot-qof Datafreedom-perl 0.1.7
5.3
CVSSv3
CVE-2013-7490
An issue exists in the DBI module prior to 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
Perl Dbi
Canonical Ubuntu Linux 14.04
NA
CVE-2005-4536
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Debian Libmail-audit-perl 2.1-5
NA
CVE-2003-0618
Multiple vulnerabilities in suidperl 5.6.1 and previous versions allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
Perl Suidperl
Debian Debian Linux 3.0
NA
CVE-2015-8381
The compile_regex function in pcre_compile.c in PCRE prior to 8.38 and pcre2_compile.c in PCRE2 prior to 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'...
Pcre Perl Compatible Regular Expression Library
NA
CVE-2015-8382
The match function in pcre_exec.c in PCRE prior to 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote malicious users to obtain sensitive information from process mem...
Pcre Perl Compatible Regular Expression Library 8.36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »