Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 up to and including 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows malicious users to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.
Lwp\\ \\ Protocol\\
668
VMScore
CVE-2013-1437
Eval injection vulnerability in the Module-Metadata module prior to 1.000015 for Perl allows remote malicious users to execute arbitrary Perl code via the $Version value.
Module-metadata Project Module-metadata
Fedoraproject Fedora 18
Fedoraproject Fedora 19
641
VMScore
CVE-2019-20327
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software up to and including 19.10 allow local malicious users to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)
Centreon Centreon
605
VMScore
CVE-2015-2325
The compile_branch function in PCRE prior to 8.37 allows context-dependent malicious users to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forwar...
Pcre Pcre
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mariadb Mariadb
Php Php
383
VMScore
CVE-2015-2326
The pcre_compile2 function in PCRE prior to 8.37 allows context-dependent malicious users to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back re...
Pcre Pcre
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mariadb Mariadb
Php Php
445
VMScore
CVE-2019-12420
In Apache SpamAssassin prior to 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.
Apache Spamassassin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
641
VMScore
CVE-2018-11805
In Apache SpamAssassin prior to 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update chan...
Apache Spamassassin
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
320
VMScore
CVE-2013-4184
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Data\\ \\ Uuid Project
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
570
VMScore
CVE-2015-3406
The PGP signature parsing in Module::Signature prior to 0.74 allows remote malicious users to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
668
VMScore
CVE-2010-3438
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect fro...
Libpoe-component-irc-perl Project Libpoe-component-irc-perl
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 12
Fedoraproject Fedora 13
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »