Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2131
Directory traversal vulnerability in Perl-HTTPd prior to 1.0.2 allows remote malicious users to view arbitrary files via a .. (dot dot) in an unknown argument.
Perl-httpd Perl-httpd 1.0
Perl-httpd Perl-httpd 1.0.1
NA
CVE-2009-1341
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module prior to 2.0.0 for Perl allows context-dependent malicious users to cause a denial of service (memory consumption) by fetching data with BYTEA columns.
Debian Libdbd-pg-perl 1.4.8
Debian Libdbd-pg-perl 1.2.1
Debian Libdbd-pg-perl 1.2.0
Debian Libdbd-pg-perl 0.91
Debian Libdbd-pg-perl 1.3.2
Debian Libdbd-pg-perl 1.2.2
Debian Libdbd-pg-perl 0.95
Debian Libdbd-pg-perl 0.93
Debian Libdbd-pg-perl 0.83
Debian Libdbd-pg-perl 0.82
Debian Libdbd-pg-perl 0.69
Debian Libdbd-pg-perl 0.68
Debian Libdbd-pg-perl 0.61
Debian Libdbd-pg-perl 0.52
Debian Libdbd-pg-perl 1.4.3
Debian Libdbd-pg-perl 1.4.0
Debian Libdbd-pg-perl 0.94
Debian Libdbd-pg-perl 0.89
Debian Libdbd-pg-perl 1.4.7
Debian Libdbd-pg-perl 1.4.6
Debian Libdbd-pg-perl 1.0.0
Debian Libdbd-pg-perl 0.99
NA
CVE-2004-0976
Multiple scripts in the perl package in Trustix Secure Linux 1.5 up to and including 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Larry Wall Perl 5.6
Larry Wall Perl 5.6.1
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.3
7.8
CVSSv3
CVE-2023-47039
A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell (`cmd.exe`). When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute `cmd.exe` within...
Perl Perl
9.8
CVSSv3
CVE-2023-47100
In Perl prior to 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.
Perl Perl
5.5
CVSSv3
CVE-1999-1386
Perl 5.004_04 and previous versions follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
Perl Perl
NA
CVE-2005-0448
Race condition in the rmtree function in File::Path.pm in Perl prior to 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
Larry Wall Perl 5.8.0
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.3
Larry Wall Perl 5.8.4
NA
CVE-2000-0703
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that ...
Larry Wall Perl 5.4.5
Larry Wall Perl 5.5
Larry Wall Perl 5.5.3
Larry Wall Perl 5.6
2 EDB exploits
NA
CVE-2008-2827
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
Perl Perl 5.10
1 EDB exploit
7.8
CVSSv3
CVE-2023-47038
A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
Perl Perl 5.34.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »