29 matches found
EUVD-2012-5118
Malware in sbrugna...
EUVD-2020-5011
Malware in sbrugna...
CVE-2025-40918
Authen::SASL::Perl::DIGEST_MD5 (versions 2.04–2.1800) uses an insecure cnonce generator, composing the nonce from an MD5 of the PID, epoch time, and rand(), which weakens entropy below the RFC 2831-recommended 64 bits. Exploitation potential is supported by the CVSS data (Network, Low-to-Medium i...
CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
CVE-2025-40910 Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses
Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally usi...
SUSE SLES12 Security Update : perl-Crypt-OpenSSL-RSA (SUSE-SU-2025:01887-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01887-1 advisory. - CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode Marvin Attack bsc1221446 Tenable has extracted the preceding description block directl...
Security Bulletin: AIX/VIOS is vulnerable to arbitrary command execution due to Perl (CVE-2025-33112)
Summary Vulnerability in AIX's Perl could allow an attacker to execute arbitrary commands CVE-2025-33112. AIX uses Perl in various operating system components. Vulnerability Details CVEID:CVE-2025-33112 DESCRIPTION: IBM AIX's Perl implementation could allow a non-privileged local user to exploit ...
FreeBSD : Perl -- heap buffer overflow when transliterating non-ASCII bytes (a380f43e-19e5-11f0-9568-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a380f43e-19e5-11f0-9568-b42e991fc52e advisory. 9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in...
Linux Distros Unpatched Vulnerability : CVE-2013-7422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute...
CVE-2002-20002
The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand, which is not a strong random number generator, for cryptographic keys...
ROS-20240405-10
A vulnerability in the Perl programming language is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code...
Security update for perl-Spreadsheet-ParseXLSX (moderate)
openSUSE Security Update: Security update for perl-Spreadsheet-ParseXLSX Announcement ID: openSUSE-SU-2024:0021-1 Rating: moderate References: 1218651 Cross-References: CVE-2024-22368 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available...
Denial Of Service (DoS)
libhtml-stripscripts is vulnerable to denial of service DoS. The perl module which removes html scripts is causing this vulnerability by backtracking for HTML content with specially crafted style attributes. This causes regular expression denial of service...
CVE-2022-44542
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
UBUNTU-CVE-2018-12558
The parse method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters "\f"...
PhpGedView 4.2.3 - Local File Inclusion
PhpGedView 4.2.3 - Local File Inclusion !/usr/bin/perl -w :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com PhpGedView = 4.2.3 Local File Inclusion Vulnerability Script:...
Mandriva Update for perl-libwww-perl MDVSA-2010:167 (perl-libwww-perl)
Check for the Version of perl-libwww-perl OpenVAS Vulnerability Test Mandriva Update for perl-libwww-perl MDVSA-2010:167 perl-libwww-perl Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...
Fedora Core 11 FEDORA-2009-10539 (perl-Net-OAuth)
The remote host is missing an update to perl-Net-OAuth announced via advisory FEDORA-2009-10539. OpenVAS Vulnerability Test $Id: fcore200910539.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10539 perl-Net-OAuth Authors: Thomas Reinke Copyright:...
Mandrake Security Advisory MDVSA-2009:174 (perl-Compress-Raw-Zlib)
The remote host is missing an update to perl-Compress-Raw-Zlib announced via advisory MDVSA-2009:174. OpenVAS Vulnerability Test $Id: mdksa2009174.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:174 perl-Compress-Raw-Zlib Authors: Thomas Reinke...