Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2010-3438
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect fro...
Libpoe-component-irc-perl Project Libpoe-component-irc-perl
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 12
Fedoraproject Fedora 13
9.8
CVSSv3
CVE-2013-1751
TWiki prior to 5.1.4 allows remote malicious users to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
Twiki Twiki
9.8
CVSSv3
CVE-2019-1010161
perl-CRYPT-JWT 0.022 and previous versions is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypa...
Perl-crypt-jwt Project Perl-crypt-jwt
9.8
CVSSv3
CVE-2019-1010263
Perl Crypt::JWT before 0.023 is affected by: Incorrect Access Control. The impact is: allow malicious users to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is:...
Perl Crypt\\ \\ Jwt Project
9.8
CVSSv3
CVE-2011-2767
mod_perl 2.0 up to and including 2.0.10 allows malicious users to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP...
Apache Mod Perl
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux 6.7
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux 7.3
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.6
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2018-9246
The PGObject::Util::DBAdmin module prior to 0.120.0 for Perl, as used in LedgerSMB up to and including 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or ...
Pgobject-util-dbadmin Project Pgobject-util-dbadmin
Ledgersmb Ledgersmb
9.8
CVSSv3
CVE-2018-6913
Heap-based buffer overflow in the pack function in Perl prior to 5.26.2 allows context-dependent malicious users to execute arbitrary code via a large item count.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Perl Perl
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
9.8
CVSSv3
CVE-2008-7319
The Net::Ping::External extension up to and including 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untru...
Net-ping-external Project Net-ping-external
9.8
CVSSv3
CVE-2008-7315
UI-Dialog 1.09 and previous versions allows remote malicious users to execute arbitrary commands.
Cpan Ui\\ \\
9.8
CVSSv3
CVE-2017-12814
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl prior to 5.24.3-RC1 and 5.26.x prior to 5.26.1-RC1 on Windows allows malicious users to execute arbitrary code via a long environment variable.
Perl Perl
Perl Perl 5.26.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »