Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-0522
Cross-site scripting (XSS) vulnerability in multiple Hal Networks shopping-cart products allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Hal Networks Perl Cgi Cart
Hal Networks Php Cart
Hal Networks Shop Hal V1
7.5
CVSSv2
CVE-2015-8607
The canonpath function in the File::Spec module in PathTools prior to 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent malicious users to bypass the taint protection mechanism via a crafted string.
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Perl Pathtools
Debian Debian Linux 8.0
6.4
CVSSv2
CVE-2018-12015
In Perl up to and including 5.26.2, the Archive::Tar module allows remote malicious users to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Perl Perl
Archive\\ \\ Tar Project
Apple Mac Os X
Netapp Data Ontap Edge -
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Netapp Snapdrive -
7.2
CVSSv2
CVE-1999-0034
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
Larry Wall Perl 5.3
Sgi Freeware 1.0
Sgi Freeware 2.0
Bsdi Bsd Os 3.0
Bsdi Bsd Os 2.1
Redhat Linux 4.1
Redhat Linux 4.0
Redhat Linux 4.2
4 EDB exploits
1.9
CVSSv2
CVE-2019-20919
An issue exists in the DBI module prior to 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
Perl Dbi
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
2.1
CVSSv2
CVE-2020-14392
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
Perl Database Interface
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-2381
Perl might allow context-dependent malicious users to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
Perl Perl
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Oracle Communications Billing And Revenue Management 7.5
Oracle Configuration Manager
Oracle Configuration Manager 12.1.2.0.6
Oracle Database Server 11.2.0.4
Oracle Database Server 12.1.0.2
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
Oracle Enterprise Manager Base Platform 13.2.0.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0.0
Oracle Timesten In-memory Database
Oracle Solaris 11.3
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
5
CVSSv2
CVE-2020-12723
regcomp.c in Perl prior to 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
Perl Perl
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Fedoraproject Fedora 31
Opensuse Leap 15.1
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Sd-wan Edge 9.0
Oracle Sd-wan Edge 8.2
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Billing And Revenue Management 12.0.0.2.0
Oracle Communications Diameter Signaling Router
Oracle Tekelec Platform Distribution
Oracle Communications Lsms
Oracle Configuration Manager 12.1.2.0.8
Oracle Sd-wan Edge 9.1
Oracle Communications Eagle Application Processor
Oracle Communications Performance Intelligence Center
6.4
CVSSv2
CVE-2020-10543
Perl prior to 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
Perl Perl
Fedoraproject Fedora 31
Opensuse Leap 15.1
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Sd-wan Edge 9.0
Oracle Sd-wan Edge 8.2
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Billing And Revenue Management 12.0.0.2.0
Oracle Communications Diameter Signaling Router
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Tekelec Platform Distribution
Oracle Communications Eagle Lnp Application Processor 46.7
Oracle Communications Eagle Lnp Application Processor 46.8
Oracle Communications Eagle Lnp Application Processor 46.9
Oracle Communications Lsms
Oracle Configuration Manager 12.1.2.0.8
Oracle Sd-wan Edge 9.1
Oracle Communications Eagle Application Processor
Oracle Communications Performance Intelligence Center
1 Github repository
7.5
CVSSv2
CVE-2020-10878
Perl prior to 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Perl Perl
Fedoraproject Fedora 31
Opensuse Leap 15.1
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Sd-wan Aware 8.2
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Billing And Revenue Management 12.0.0.2.0
Oracle Communications Diameter Signaling Router
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Tekelec Platform Distribution
Oracle Communications Eagle Lnp Application Processor 46.7
Oracle Communications Eagle Lnp Application Processor 46.8
Oracle Communications Eagle Lnp Application Processor 46.9
Oracle Communications Lsms
Oracle Configuration Manager 12.1.2.0.8
Oracle Communications Eagle Application Processor
Oracle Sd-wan Aware 9.1
6 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »