Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2005-0077
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
Debian Debian Linux 3.0
Gentoo Linux
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux Desktop 4.0
Ubuntu Ubuntu Linux 4.10
605
VMScore
CVE-2007-4829
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and previous versions allows user-assisted remote malicious users to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
Archive\\ \\ Tar Project
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
890
VMScore
CVE-2011-2767
mod_perl 2.0 up to and including 2.0.10 allows malicious users to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP...
Apache Mod Perl
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux 6.7
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux 7.3
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.6
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
445
VMScore
CVE-2007-1349
PerlRun.pm in Apache mod_perl prior to 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted URI.
Apache Mod Perl
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 7.04
Redhat Satellite 5.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 4.5
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 5.0
383
VMScore
CVE-2017-6512
Race condition in the rmtree and remove_tree functions in the File-Path module prior to 2.13 for Perl allows malicious users to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
File\\ \\ Path Project
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
668
VMScore
CVE-2010-1168
The Safe (aka Safe.pm) module prior to 2.25 for Perl allows context-dependent malicious users to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed ob...
Rafael Garcia-suarez Safe 2.08
Rafael Garcia-suarez Safe 2.17
Rafael Garcia-suarez Safe 2.18
Rafael Garcia-suarez Safe 2.15
Rafael Garcia-suarez Safe 2.16
Rafael Garcia-suarez Safe 2.23
Rafael Garcia-suarez Safe 2.24
Rafael Garcia-suarez Safe 2.13
Rafael Garcia-suarez Safe 2.14
Rafael Garcia-suarez Safe 2.21
Rafael Garcia-suarez Safe 2.22
Rafael Garcia-suarez Safe 2.09
Rafael Garcia-suarez Safe 2.11
Rafael Garcia-suarez Safe 2.19
Rafael Garcia-suarez Safe 2.20
890
VMScore
CVE-2014-9906
Use-after-free vulnerability in DBD::mysql prior to 4.029 allows malicious users to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
Debian Debian Linux 8.0
Dbd-mysql Project Dbd-mysql
668
VMScore
CVE-2009-0663
Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent malicious users to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.
Cmu Dbd\\ \\
NA
CVE-2023-24038
The HTML-StripScripts module up to and including 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes.
Html-stripscripts Project Html-stripscripts
Debian Debian Linux 10.0
409
VMScore
CVE-2005-0106
SSLeay.pm in libnet-ssleay-perl prior to 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
Ubuntu Ubuntu Linux 5.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »