Lucene search
K

739 matches found

Fedora
Fedora
added yesterday7 views

[SECURITY] Fedora 43 Update: perl-Crypt-DSA-1.22-1.fc43

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...

7.5CVSS6.1AI score0.00508EPSS
Exploits0
Fedora
Fedora
added 5 days ago5 views

[SECURITY] Fedora 43 Update: perl-Compress-Raw-Bzip2-2.218-1.fc43

This module provides a Perl interface to the bzip2 compression library. It is used by IO::Compress::Bzip2...

7.8CVSS5.9AI score0.00373EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-14895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service. The trim and rtrim functions stripped trailing whitespace...

7.5CVSS6.1AI score0.00392EPSS
Exploits0References3
NVD
NVD
added 6 days ago9 views

CVE-2026-7017

HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, mayberedirect follows the Location: header and prepareheadersandcb re-merges the caller's headers argument into the new request, without checking whether...

7.1CVSS0.0026EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago29 views

CVE-2011-10043 Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded

Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded. Module names starting with "::" could be passed to the load function to specify arbitrary module paths. Attackers able to influence module names passed to load could use that bug to execute arbitrary...

0.00429EPSS
Exploits0References3
CVE
CVE
added 6 days ago13 views

CVE-2011-10043

Technical details about CVE-2011-10043 are not publicly available in the provided documents. Monitor for updates from official advisories; no confirmed exploit vectors, affected products, or remediation details are included here.

9.8CVSS6.1AI score0.00429EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 6 days ago5 views

perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file()

A flaw was found in HTTP::Daemon, a Perl module used for creating HTTP servers. A remote attacker can exploit this vulnerability by providing specially crafted input to the sendfile function, leading to OS command injection. This allows the attacker to execute arbitrary commands on the system wit...

9.1CVSS6.2AI score0.01452EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/03 12:56 p.m.39 views

CVE-2026-56015 Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...

0.00537EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2025-15646

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen over-reads the heap...

9.8CVSS0.00663EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 7:38 p.m.19 views

CVE-2026-56018

CVE-2026-56018 concerns JavaScript::Minifier::XS for Perl with memory leak in versions before 0.16. The root cause is that, in JsMinify (XS.xs), cleanup frees only NodeSet structures but not per-token contents buffers, and JsDiscardNode unlinks nodes without freeing their contents. As a result, e...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.7 views

perl-IO-Compress security update

2.081-2 - Remove use of eval in File::GlobMapper for safer string interpolation - Resolves: RHEL-180411...

7.8CVSS5.8AI score0.00292EPSS
Exploits3
NVD
NVD
added 2026/06/26 9:16 a.m.10 views

CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS0.00309EPSS
Exploits0References5
NVD
NVD
added 2026/06/26 9:16 a.m.8 views

CVE-2026-11702

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

7.5CVSS0.00292EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 8:7 a.m.9 views

EUVD-2026-39640

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.7AI score0.00447EPSS
Exploits0References4
Fedora
Fedora
added 2026/06/26 12:59 a.m.5 views

[SECURITY] Fedora 44 Update: perl-IO-Compress-2.221-1.fc44

This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 i.e. gzip and zip files/buffers. The following modules used to be distributed...

7.8CVSS5.7AI score0.00373EPSS
Exploits3
Fedora
Fedora
added 2026/06/26 12:59 a.m.4 views

[SECURITY] Fedora 44 Update: perl-DBI-1.648-1.fc44

DBI is a database access Application Programming Interface API for the Perl Language. The DBI API Specification defines a set of functions, variables and conventions that provide a consistent database interface independent of the actual database being used...

9.8CVSS5.8AI score0.00413EPSS
Exploits0
OSV
OSV
added 2026/06/20 6:49 a.m.2 views

SUSE-SU-2026:22188-1 Security update for perl-Protocol-HTTP2

This update for perl-Protocol-HTTP2 fixes the following issue - CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit bsc1267857...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References3
NVD
NVD
added 2026/06/20 2:16 a.m.15 views

CVE-2026-9265

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...

9.1CVSS0.00354EPSS
Exploits0References3
Fedora
Fedora
added 2026/06/20 1:7 a.m.4 views

[SECURITY] Fedora 43 Update: perl-Config-IniFiles-3.001000-1.fc43

Config::IniFiles provides a way to have readable configuration files outside your Perl script. Configurations can be imported inherited, stacked,..., sections can be grouped, and settings can be accessed from a tied hash...

8.6CVSS5.8AI score0.00618EPSS
Exploits0
EUVD
EUVD
added 2026/06/20 12:46 a.m.11 views

EUVD-2026-38103

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...

6.1AI score0.00354EPSS
Exploits0References3
Rows per page
Query Builder