Shodan
Vulnerabilities
Vulnerable Software
Perl:  Security Vulnerabilities
CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
CVSS Score
6.1
EPSS Score
0.0
Published
2020-09-16
CVE-2020-14393
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
CVSS Score
7.1
EPSS Score
0.0
Published
2020-09-16
CVE-2020-14392
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-09-16
CVE-2013-7490
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-09-11
CVE-2013-7491
An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.
CVSS Score
5.3
EPSS Score
0.004
Published
2020-09-11
CVE-2014-10401
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
CVSS Score
6.1
EPSS Score
0.0
Published
2020-09-11
CVE-2020-12723
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-06-05
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVSS Score
8.2
EPSS Score
0.039
Published
2020-06-05
CVE-2020-10878
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVSS Score
8.6
EPSS Score
0.001
Published
2020-06-05
CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.122
Published
2018-12-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved