Lucene search
K

753 matches found

CVE
CVE
added yesterday12 views

CVE-2026-15043

CVE-2026-15043 affects DBI::SQL::Nano (versions 1.42–1.650.x) for Perl. In the non-numeric string branch of is_matched, the = with Perl's le, causing inverted = comparisons in WHERE predicates. This occurs in the fallback SQL engine used by DBI's file-backed drivers (e.g., DBD::File, DBD::DBM, CS...

9.8CVSS6.1AI score0.00184EPSS
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-43574

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

6.2AI score0.00106EPSS
Exploits0References3
NVD
NVD
added 2 days ago9 views

CVE-2026-58102

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

9.1CVSS0.00106EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-58102 Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

0.00106EPSS
Exploits0References2
Fedora
Fedora
added 3 days ago7 views

[SECURITY] Fedora 43 Update: perl-Crypt-DSA-1.22-1.fc43

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...

7.5CVSS6.1AI score0.00508EPSS
Exploits0
OSV
OSV
added last week3 views

CVE-2026-49146 App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References7
Fedora
Fedora
added 2026/07/08 1:10 a.m.6 views

[SECURITY] Fedora 43 Update: perl-Compress-Raw-Bzip2-2.218-1.fc43

This module provides a Perl interface to the bzip2 compression library. It is used by IO::Compress::Bzip2...

7.8CVSS5.9AI score0.00373EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-14895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service. The trim and rtrim functions stripped trailing whitespace...

7.5CVSS6.1AI score0.00392EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/07/07 10:5 p.m.4 views

CVE-2026-14739 DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders

DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders...

6.1AI score0.00413EPSS
Exploits0References3
NVD
NVD
added 2026/07/07 7:16 p.m.10 views

CVE-2026-7017

HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, mayberedirect follows the Location: header and prepareheadersandcb re-merges the caller's headers argument into the new request, without checking whether...

7.1CVSS0.0026EPSS
Exploits0References6
CVE
CVE
added 2026/07/07 11:46 a.m.15 views

CVE-2011-10043

Technical details about CVE-2011-10043 are not publicly available in the provided documents. Monitor for updates from official advisories; no confirmed exploit vectors, affected products, or remediation details are included here.

9.8CVSS6.1AI score0.00429EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 11:46 a.m.29 views

CVE-2011-10043 Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded

Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded. Module names starting with "::" could be passed to the load function to specify arbitrary module paths. Attackers able to influence module names passed to load could use that bug to execute arbitrary...

0.00429EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/07 9:54 a.m.5 views

perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file()

A flaw was found in HTTP::Daemon, a Perl module used for creating HTTP servers. A remote attacker can exploit this vulnerability by providing specially crafted input to the sendfile function, leading to OS command injection. This allows the attacker to execute arbitrary commands on the system wit...

9.1CVSS6.2AI score0.01452EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/03 12:56 p.m.40 views

CVE-2026-56015 Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...

0.00537EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2025-15646

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen over-reads the heap...

9.8CVSS0.00663EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 7:38 p.m.23 views

CVE-2026-56018

CVE-2026-56018 concerns JavaScript::Minifier::XS for Perl with memory leak in versions before 0.16. The root cause is that, in JsMinify (XS.xs), cleanup frees only NodeSet structures but not per-token contents buffers, and JsDiscardNode unlinks nodes without freeing their contents. As a result, e...

7.5CVSS5.9AI score0.00609EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.7 views

perl-IO-Compress security update

2.081-2 - Remove use of eval in File::GlobMapper for safer string interpolation - Resolves: RHEL-180411...

7.8CVSS5.8AI score0.00292EPSS
Exploits3
NVD
NVD
added 2026/06/26 9:16 a.m.10 views

CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS0.00309EPSS
Exploits0References5
NVD
NVD
added 2026/06/26 9:16 a.m.8 views

CVE-2026-11702

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

7.5CVSS0.00292EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 8:7 a.m.9 views

EUVD-2026-39640

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.7AI score0.00447EPSS
Exploits0References4
Rows per page
Query Builder