273 matches found
CVE-2026-48962
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...
CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob
IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the caller-supplied output glob string in double quotes and stores it in the parser state; getFiles then runs the stored expression through eval...
PT-2026-43488
Name of the Vulnerable Software and Affected Versions IO::Compress versions prior to 2.220 Description An issue in File::GlobMapper allows the execution of arbitrary code through an attacker-controlled output glob. The function parseOutputGlob wraps the provided output glob string in double quote...
Linux Distros Unpatched Vulnerability : CVE-2026-48962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. parseOutputGlob wraps the...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
EUVD-2026-28811
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...
CVE-2026-29202
The CVE-2026-29202 issue affects cPanel & WHM through Insufficient input validation of the plugin parameter in the create_user plugin, enabling arbitrary Perl code execution under the authenticated user’s system account. Affected component: the create_user plugin’s plugin parameter handling. Root...
cPanel 输入验证错误漏洞
cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability related to input validation errors, which stem from insufficient input validation in the plugin parameter...
PT-2026-31107
Name of the Vulnerable Software and Affected Versions Movable Type affected versions not specified Description Movable Type contains a code injection vulnerability that could allow an attacker to execute arbitrary Perl script. This could lead to webshell access. Recommendations At the moment, the...
MiracleLinux 8 : postgresql:13 (AXSA:2024-9054:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9054:01 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...
MiracleLinux 9 : postgresql:16 (AXSA:2024-9501:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9501:01 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...
CVE-2025-8769
Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...
Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart
needrestart Privilege Escalation CVE-2024-48990 This reposi...
EUVD-2008-6444
Malware in sbrugna...
EUVD-2002-0915
Malware in sbrugna...
EUVD-2012-5580
Malware in sbrugna...