Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2014-10401
An issue exists in the DBI module prior to 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
Perl Dbi
320
VMScore
CVE-2014-10402
An issue exists in the DBI module up to and including 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
Perl Dbi
614
VMScore
CVE-2008-5302
Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is...
Perl File\\ \\
445
VMScore
CVE-2013-7491
An issue exists in the DBI module prior to 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.
Perl Dbi
614
VMScore
CVE-2008-5303
Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related...
Perl File\\ \\
755
VMScore
CVE-2005-1349
Buffer overflow in Convert-UUlib (Convert::UUlib) prior to 1.051 allows remote malicious users to execute arbitrary code via a malformed parameter to a read operation.
Perl Convert Uulib
1 EDB exploit
668
VMScore
CVE-2019-1010263
Perl Crypt::JWT before 0.023 is affected by: Incorrect Access Control. The impact is: allow malicious users to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is:...
Perl Crypt\\ \\ Jwt Project
570
VMScore
CVE-2007-1661
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent malicious users to obtain sensitive information or cause a denial of service (crash), ...
Pcre Perl-compatible Regular Expression Library 7.0
Pcre Perl-compatible Regular Expression Library
Pcre Perl-compatible Regular Expression Library 7.1
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.4.11
445
VMScore
CVE-2013-7329
The CGI::Application module prior to 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote malicious users to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.
Perl Cgi Application Module
465
VMScore
CVE-2005-0155
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
Larry Wall Perl 5.8.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »