Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5118

Malware in sbrugna...

7.5CVSS7.3AI score0.04877EPSS
Exploits1References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-5011

Malware in sbrugna...

7.5CVSS7.5AI score0.05971EPSS
Exploits0References27
CVE
CVE
added 2025/07/16 2:0 p.m.43 views

CVE-2025-40918

Authen::SASL::Perl::DIGEST_MD5 (versions 2.04–2.1800) uses an insecure cnonce generator, composing the nonce from an MD5 of the PID, epoch time, and rand(), which weakens entropy below the RFC 2831-recommended 64 bits. Exploitation potential is supported by the CVSS data (Network, Low-to-Medium i...

6.5CVSS6.5AI score0.00394EPSS
Exploits0References6
OSV
OSV
added 2025/07/16 1:15 p.m.6 views

CVE-2025-40923

Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...

7.3CVSS7.3AI score
Exploits0References5
Debian CVE
Debian CVE
added 2025/07/16 1:5 p.m.8 views

CVE-2025-40923

Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...

7.3CVSS5.3AI score0.00329EPSS
Exploits0
Cvelist
Cvelist
added 2025/06/27 12:19 p.m.12 views

CVE-2025-40910 Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses

Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally usi...

0.0028EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.4 views

SUSE SLES12 Security Update : perl-Crypt-OpenSSL-RSA (SUSE-SU-2025:01887-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01887-1 advisory. - CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode Marvin Attack bsc1221446 Tenable has extracted the preceding description block directl...

5.9CVSS5.9AI score0.00516EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/10 3:4 p.m.11 views

Security Bulletin: AIX/VIOS is vulnerable to arbitrary command execution due to Perl (CVE-2025-33112)

Summary Vulnerability in AIX's Perl could allow an attacker to execute arbitrary commands CVE-2025-33112. AIX uses Perl in various operating system components. Vulnerability Details CVEID:CVE-2025-33112 DESCRIPTION: IBM AIX's Perl implementation could allow a non-privileged local user to exploit ...

8.4CVSS7.7AI score0.00191EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/04/16 12:0 a.m.13 views

FreeBSD : Perl -- heap buffer overflow when transliterating non-ASCII bytes (a380f43e-19e5-11f0-9568-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a380f43e-19e5-11f0-9568-b42e991fc52e advisory. 9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in...

8.4CVSS7.9AI score0.0052EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2013-7422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute...

7.5CVSS7.8AI score0.03045EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/01/02 12:0 a.m.6 views

CVE-2002-20002

The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand, which is not a strong random number generator, for cryptographic keys...

5.4CVSS5.2AI score0.00299EPSS
Exploits0
Redos
Redos
added 2024/04/05 12:0 a.m.44 views

ROS-20240405-10

A vulnerability in the Perl programming language is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code...

7.8CVSS9.8AI score0.00832EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2024/01/16 12:0 a.m.3 views

Security update for perl-Spreadsheet-ParseXLSX (moderate)

openSUSE Security Update: Security update for perl-Spreadsheet-ParseXLSX Announcement ID: openSUSE-SU-2024:0021-1 Rating: moderate References: 1218651 Cross-References: CVE-2024-22368 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available...

5.5CVSS6.2AI score0.00468EPSS
Exploits1References1
Veracode
Veracode
added 2023/02/27 3:11 a.m.21 views

Denial Of Service (DoS)

libhtml-stripscripts is vulnerable to denial of service DoS. The perl module which removes html scripts is causing this vulnerability by backtracking for HTML content with specially crafted style attributes. This causes regular expression denial of service...

7.5CVSS7AI score0.01116EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2022/11/01 1:15 a.m.17 views

CVE-2022-44542

lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...

9.8CVSS0.0115EPSS
Exploits0References3
OSV
OSV
added 2018/06/20 2:29 p.m.5 views

UBUNTU-CVE-2018-12558

The parse method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters "\f"...

7.5CVSS7AI score0.0265EPSS
Exploits0References5
exploitpack
exploitpack
added 2011/01/05 12:0 a.m.13 views

PhpGedView 4.2.3 - Local File Inclusion

PhpGedView 4.2.3 - Local File Inclusion !/usr/bin/perl -w :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com PhpGedView = 4.2.3 Local File Inclusion Vulnerability Script:...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2010/09/07 12:0 a.m.17 views

Mandriva Update for perl-libwww-perl MDVSA-2010:167 (perl-libwww-perl)

Check for the Version of perl-libwww-perl OpenVAS Vulnerability Test Mandriva Update for perl-libwww-perl MDVSA-2010:167 perl-libwww-perl Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...

6.8CVSS0.2AI score0.03287EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/10/19 12:0 a.m.10 views

Fedora Core 11 FEDORA-2009-10539 (perl-Net-OAuth)

The remote host is missing an update to perl-Net-OAuth announced via advisory FEDORA-2009-10539. OpenVAS Vulnerability Test $Id: fcore200910539.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10539 perl-Net-OAuth Authors: Thomas Reinke Copyright:...

Exploits0References1
OpenVAS
OpenVAS
added 2009/08/17 12:0 a.m.28 views

Mandrake Security Advisory MDVSA-2009:174 (perl-Compress-Raw-Zlib)

The remote host is missing an update to perl-Compress-Raw-Zlib announced via advisory MDVSA-2009:174. OpenVAS Vulnerability Test $Id: mdksa2009174.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:174 perl-Compress-Raw-Zlib Authors: Thomas Reinke...

6.8CVSS1.4AI score0.07441EPSS
Exploits2
Rows per page
Query Builder