Lucene search
+L

25 matches found

RedHat Linux
RedHat Linux
added 6 days ago5 views

perl-DBI: perl-DBI: Heap overflow in SQL preparsing can lead to denial of service or arbitrary code execution.

A flaw was found in perl-DBI. A heap overflow vulnerability exists when preparsing SQL statements with more than 9 binders. The preparse method incorrectly allocates buffer space for SQL placeholder characters, leading to an overflow when processing binders with two or more digits. This can resul...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 6 days ago6 views

perl-DBI: perl-DBI: Heap overflow in SQL preparsing can lead to denial of service or arbitrary code execution.

A flaw was found in perl-DBI. A heap overflow vulnerability exists when preparsing SQL statements with more than 9 binders. The preparse method incorrectly allocates buffer space for SQL placeholder characters, leading to an overflow when processing binders with two or more digits. This can resul...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/07/10 7:59 a.m.7 views

CVE-2026-10879

A flaw was found in perl-DBI. A heap overflow vulnerability exists when preparsing SQL statements with more than 9 binders. The preparse method incorrectly allocates buffer space for SQL placeholder characters, leading to an overflow when processing binders with two or more digits. This can resul...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/07/04 2:15 a.m.5 views

SUSE CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...

8.2CVSS6.1AI score0.00487EPSS
Exploits0References3
CVE
CVE
added 2026/07/02 4:6 p.m.23 views

CVE-2026-55952

Summary: The Erlang/OTP ssl module is vulnerable to a TLS 1.3 denial of service due to a mismatch between PSK identity list and binder list lengths in the ClientHello extension. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with unequal identities/binders is passed ...

8.2CVSS5.9AI score0.00487EPSS
Exploits0References7Affected Software2
Ubuntu
Ubuntu
added 2026/06/24 9:30 a.m.8 views

USN-8466-1: Perl DBI module vulnerabilities

It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...

9.8CVSS6.2AI score0.00452EPSS
Exploits0
OSV
OSV
added 2026/06/22 2:30 p.m.5 views

OPENSUSE-SU-2026:21029-1 Security update for perl-DBI

This update for perl-DBI fixes the following issues - CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. - CVE-2026-10879: SQL statements with more than 9 binders can cause an heap overflow bsc1267849...

9.8CVSS6AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2026/06/22 2:28 p.m.3 views

SUSE-SU-2026:22257-1 Security update for perl-DBI

This update for perl-DBI fixes the following issues - CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. - CVE-2026-10879: SQL statements with more than 9 binders can cause an heap overflow bsc1267849...

9.8CVSS6AI score0.00452EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2 : perl-DBI, --advisory ALAS2-2026-3361 (ALAS-2026-3361)

The version of perl-DBI installed on the remote host is prior to 1.627-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3361 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References6
OSV
OSV
added 2026/06/12 12:28 p.m.9 views

OESA-2026-2684 perl-DBI security update

The DBI is the standard database interface module for Perl. It defines a set of methods, variables and conventions that provide a consistent database interface independent of the actual database being used. It is important to remember that the DBI is just an interface. The DBI is a layer of "glue...

9.8CVSS6AI score0.00452EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/09 8:1 a.m.10 views

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

...

9.8CVSS5.4AI score0.00413EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/09 2:27 a.m.14 views

SUSE CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

5.5CVSS5.7AI score0.00413EPSS
Exploits0References6
NVD
NVD
added 2026/06/05 3:16 p.m.33 views

CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

9.8CVSS0.00413EPSS
Exploits0References3
OSV
OSV
added 2026/06/05 3:16 p.m.10 views

UBUNTU-CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

9.8CVSS5.7AI score0.00413EPSS
Exploits0References7
CVE
CVE
added 2026/06/05 2:30 p.m.78 views

CVE-2026-10879

CVE-2026-10879 affects DBI for Perl, pre-1.648. A heap overflow occurs during preparsing SQL with more than 9 binders; the preparse method expands placeholders to :pN but only allocates 3 characters per binder, causing overflow as placeholders 10–99 need 4 chars, 100–999 need 5, etc. The issue is...

9.8CVSS5.7AI score0.00413EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 2:30 p.m.6 views

CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

5.7AI score0.00413EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 2:30 p.m.11 views

EUVD-2026-34843

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

5.7AI score0.00413EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/05 2:30 p.m.52 views

CVE-2026-10879 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

0.00413EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 2:30 p.m.3 views

CVE-2026-10879 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.16 views

PT-2026-46958

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.648 Description A heap overflow occurs when preparsing SQL statements containing more than 9 binders. The preparse function expands SQL placeholder characters into numbered binders using the format :pN, but it only...

9.8CVSS5.6AI score0.00452EPSS
Exploits0References37
Rows per page
Query Builder