Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7329
The CGI::Application module prior to 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote malicious users to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.
Perl Cgi Application Module
NA
CVE-2003-1365
The escape_dangerous_chars function in CGI::Lite 2.0 and previous versions does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which cou...
Perl Cgi Lite 2.0
NA
CVE-2008-4997
dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage.
Pilot-qof Datafreedom-perl 0.1.7
NA
CVE-2004-0377
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl prior to 5.8.3 allows local or remote malicious users to execute arbitrary commands via filenames that end in a backslash character.
Activestate Activeperl
Larry Wall Perl
NA
CVE-2003-0618
Multiple vulnerabilities in suidperl 5.6.1 and previous versions allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
Perl Suidperl
Debian Debian Linux 3.0
NA
CVE-2005-4536
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Debian Libmail-audit-perl 2.1-5
5.3
CVSSv3
CVE-2013-7490
An issue exists in the DBI module prior to 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
Perl Dbi
Canonical Ubuntu Linux 14.04
NA
CVE-2015-8381
The compile_regex function in pcre_compile.c in PCRE prior to 8.38 and pcre2_compile.c in PCRE2 prior to 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'...
Pcre Perl Compatible Regular Expression Library
NA
CVE-2015-8382
The match function in pcre_exec.c in PCRE prior to 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote malicious users to obtain sensitive information from process mem...
Pcre Perl Compatible Regular Expression Library 8.36
NA
CVE-2005-2854
CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote malicious users to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers.
Thesitewizard.com Chfeedback.pl Feedback Form Perl Script 2.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »