Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-48522
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
Perl Perl 5.34.0
9.8
CVSSv3
CVE-2015-8608
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote malicious users to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
Perl Perl 5.22
NA
CVE-2008-1927
Double free vulnerability in Perl 5.8.8 allows context-dependent malicious users to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.
Perl Perl 5.8.8
NA
CVE-2009-3626
Perl 5.10.1 allows context-dependent malicious users to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.
Perl Perl 5.10.1
8.1
CVSSv3
CVE-2023-31486
HTTP::Tiny prior to 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Http\\ \\ Tiny Project
Perl Perl
NA
CVE-2001-0462
Directory traversal vulnerability in Perl web server 0.3 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the URL.
Spencer Christensen Perl Web Server 0.0.2
Spencer Christensen Perl Web Server 0.0.3
Spencer Christensen Perl Web Server 0.0.4
Spencer Christensen Perl Web Server 0.0.9
Spencer Christensen Perl Web Server 0.1
Spencer Christensen Perl Web Server 0.2
Spencer Christensen Perl Web Server 0.0.1
Spencer Christensen Perl Web Server 0.3
1 EDB exploit
8.1
CVSSv3
CVE-2023-31484
CPAN.pm prior to 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
Cpanpm Project Cpanpm
Perl Perl
7.5
CVSSv3
CVE-2015-8853
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl prior to 5.24.0 allow context-dependent malicious users to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
Fedoraproject Fedora 22
Perl Perl
NA
CVE-2004-2286
Integer overflow in the duplication operator in ActivePerl allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow.
Activestate Activeperl 5.6.1
Activestate Activeperl 5.8.1
Activestate Activeperl 5.8.3
Larry Wall Perl 5.6.1
Activestate Activeperl 5.6.1.630
Activestate Activeperl 5.6.2
Larry Wall Perl 5.3
Larry Wall Perl 5.4
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.3
Larry Wall Perl 5.8.0
Activestate Activeperl 5.6.3
Activestate Activeperl 5.7.1
Activestate Activeperl 5.7.2
Larry Wall Perl 5.4.5
Larry Wall Perl 5.5
Activestate Activeperl 5.7.3
Activestate Activeperl 5.8
Larry Wall Perl 5.5.3
Larry Wall Perl 5.6
1 EDB exploit
NA
CVE-2009-1391
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module prior to 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent malicious users to cause a denial of service (hang or crash) via a crafted zlib compressed...
Paul Marquess Compress-raw-zlib Perl Module 2.008
Paul Marquess Compress-raw-zlib Perl Module 2.006
Paul Marquess Compress-raw-zlib Perl Module 2.001
Paul Marquess Compress-raw-zlib Perl Module
Paul Marquess Compress-raw-zlib Perl Module 2.005
Paul Marquess Compress-raw-zlib Perl Module 2.004
Paul Marquess Compress-raw-zlib Perl Module 2.014
Paul Marquess Compress-raw-zlib Perl Module 2.012
Paul Marquess Compress-raw-zlib Perl Module 2.011
Paul Marquess Compress-raw-zlib Perl Module 2.003
Paul Marquess Compress-raw-zlib Perl Module 2.002
Paul Marquess Compress-raw-zlib Perl Module 2.010
Paul Marquess Compress-raw-zlib Perl Module 2.009
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »