|
21
|
9.8
7.5
|
CRITICAL
Network
|
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-6797
|
cpe:2.3:a:perl:perl:*:*
|
5.18
|
5.26
|
|
|
2024-11-21 13:11
2018-04-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
9.8
7.5
|
CRITICAL
Network
|
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long en…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12814
|
cpe:2.3:a:perl:perl:5.26.0:* cpe:2.3:a:perl:perl:*:*
|
|
5.24.2
|
|
|
2024-11-21 12:10
2017-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
9.1
6.4
|
CRITICAL
Network
|
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of se…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12883
|
cpe:2.3:a:perl:perl:5.26.0:* cpe:2.3:a:perl:perl:*:*
|
|
5.24.2
|
|
|
2024-11-21 12:10
2017-09-20
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
7.5
5.0
|
HIGH
Network
|
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12837
|
cpe:2.3:a:perl:perl:5.26.0:* cpe:2.3:a:perl:perl:*:*
|
|
5.24.2
|
|
|
2024-11-21 12:10
2017-09-20
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
9.8
7.5
|
CRITICAL
Network
|
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive lette…
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8608
|
cpe:2.3:a:perl:perl:5.22:*
|
|
|
|
|
2024-11-21 11:38
2017-02-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
7.8
4.6
|
HIGH
Local
|
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under…
|
NVD-CWE-noinfo
|
CVE-2016-6185
|
cpe:2.3:a:perl:perl:*:*
|
5.25.0 5.23.0
|
|
|
5.25.3 5.24.1
|
2024-11-21 11:55
2016-08-2
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
7.8
7.2
|
HIGH
Local
|
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1238
|
cpe:2.3:a:perl:perl:5.9.5:* cpe:2.3:a:perl:perl:5.9.4:* cpe:2.3:a:perl:perl:5.9.3:* cpe:2.3:a:perl:perl:5.9.2:…
|
|
|
|
|
2024-11-21 11:46
2016-08-2
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
7.5
5.0
|
HIGH
Network
|
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 …
|
CWE-20
Improper Input Validation
|
CVE-2015-8853
|
cpe:2.3:a:perl:perl:*:*
|
|
5.23.9
|
|
|
2024-11-21 11:39
2016-05-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
7.5
5.0
|
HIGH
Network
|
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
|
CWE-20
Improper Input Validation
|
CVE-2016-2381
|
cpe:2.3:a:perl:perl:*:*
|
|
|
|
5.23.9
|
2024-11-21 11:48
2016-04-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
-
7.5
|
HIGH
|
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service …
|
CWE-189
Numeric Errors
|
CVE-2013-7422
|
cpe:2.3:a:perl:perl:5.18.4:*
|
|
|
|
|
2024-11-21 11:00
2015-08-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|