Lucene search
+L

71 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did no...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References4
NVD
NVD
added 2026/07/07 11:16 p.m.7 views

CVE-2026-14739

DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders...

9.8CVSS0.00396EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/07 10:5 p.m.6 views

CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

6AI score0.00407EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/07/07 10:5 p.m.8 views

CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

9.1CVSS6AI score0.00407EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/07 10:5 p.m.33 views

CVE-2026-14740 DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

0.00407EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/07 10:4 p.m.10 views

CVE-2026-14380

DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the package part in a string eval with no validation of the package...

8.8CVSS6.3AI score0.00498EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.11 views

PT-2026-56273

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.650 Description A heap overflow occurs when preparsing SQL statements that contain an extreme number of placeholders. This happens because insufficient memory was allocated to handle approximately 1.2 million...

9.8CVSS6.2AI score0.00396EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.11 views

PT-2026-56272

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.650 Description Code injection is possible via a caller-influenced Profile attribute. When a string is assigned to this attribute, the software splits it into path, package, and arguments, then interpolates the package...

8.8CVSS6.6AI score0.00498EPSS
Exploits0References14
OSV
OSV
added 2026/07/03 1:4 p.m.3 views

SUSE-SU-2026:2749-1 Security update for perl-DBI

This update for perl-DBI fixes the following issues - CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. - CVE-2026-10879: SQL statements with more than 9 binders can cause an heap overflow bsc1267849...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/26 12:59 a.m.6 views

[SECURITY] Fedora 44 Update: perl-DBI-1.648-1.fc44

DBI is a database access Application Programming Interface API for the Perl Language. The DBI API Specification defines a set of functions, variables and conventions that provide a consistent database interface independent of the actual database being used...

9.8CVSS5.8AI score0.00452EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/24 9:30 a.m.8 views

USN-8466-1: Perl DBI module vulnerabilities

It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...

9.8CVSS6.2AI score0.00452EPSS
Exploits0
OSV
OSV
added 2026/06/24 9:30 a.m.5 views

USN-8466-1 libdbi-perl vulnerabilities

It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 2:30 p.m.3 views

OPENSUSE-SU-2026:21029-1 Security update for perl-DBI

This update for perl-DBI fixes the following issues - CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. - CVE-2026-10879: SQL statements with more than 9 binders can cause an heap overflow bsc1267849...

9.8CVSS6AI score0.00452EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2 : perl-DBI, --advisory ALAS2-2026-3361 (ALAS-2026-3361)

The version of perl-DBI installed on the remote host is prior to 1.627-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3361 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/15 7:32 p.m.13 views

CVE-2026-9698

A flaw was found in DBI, a Perl database interface. This vulnerability allows an attacker to trigger a buffer overflow by manipulating error messages within an application. When specific error handling options are active, an attacker can provide oversized error text, which may lead to arbitrary...

9.8CVSS5.9AI score0.00452EPSS
Exploits0References5
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.8 views

CVE-2026-10879 affecting package perl-DBI for versions less than 1.643-4

CVE-2026-10879 affecting package perl-DBI for versions less than 1.643-4. A patched version of the package is available...

9.8CVSS5.2AI score0.00413EPSS
Exploits0
OSV
OSV
added 2026/06/12 12:28 p.m.9 views

OESA-2026-2684 perl-DBI security update

The DBI is the standard database interface module for Perl. It defines a set of methods, variables and conventions that provide a consistent database interface independent of the actual database being used. It is important to remember that the DBI is just an interface. The DBI is a layer of "glue...

9.8CVSS6AI score0.00452EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 7:22 a.m.13 views

EUVD-2026-35366

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

9.8CVSS5.9AI score0.00452EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 7:22 a.m.2 views

CVE-2026-9698 DBI versions before 1.648 for Perl saved errors in a limited-sized buffer

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

7.5CVSS6.4AI score0.00452EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2026/06/09 2:27 a.m.14 views

SUSE CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

5.5CVSS5.7AI score0.00413EPSS
Exploits0References6
Rows per page
Query Builder