IGNORE_CVEs
CVE-1999-0150 The Perl fingerd program allows arbitrary command execution from remot...
CVE-1999-0450 In IIS, an attacker could determine a real path using a request for a
CVE-1999-0509 Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
CVE-1999-1053 guestbook.pl cleanses user-inserted SSI commands by removing text betw...
CVE-2000-0296 fcheck allows local users to gain privileges by embedding shell metach
CVE-2000-0296 fcheck allows local users to gain privileges by embedding shell metach
CVE-2000-0883 Apache on Mandrake
CVE-2001-0113 statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute a
CVE-2001-0113 statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute ar...
CVE-2001-0370 fcheck prior to 2.57.59 calls the file signature checking program inse...
CVE-2001-0436 dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arb
CVE-2001-0436 dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arb...
CVE-2001-0462 Directory traversal vulnerability in Perl web server 0.3 and earlier a...
CVE-2001-0930 Sendpage.pl allows remote attackers to execute arbitrary commands via ...
CVE-2001-0999 Outlook Express 6.00 allows remote attackers to execute arbitrary
CVE-2001-0999 Outlook Express 6.00 allows remote attackers to execute arbitrary scri...
CVE-2001-1187 csvform.pl 0.1 allows remote attackers to execute arbitrary commands v...
CVE-2001-1290 admin.cgi in Active Classifieds Free Edition 1.0, and possibly commerc...
CVE-2002-0245 Lotus Domino server 5.0.8 with NoBanner enabled allows remote attacker...
CVE-2002-0307 Directory traversal vulnerability in ans.pl in Avenger's News System (...
CVE-2002-0495 csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to ex...
CVE-2002-0924 CGIScript.net csNews.cgi allows remote authenticated users to execute
CVE-2002-0924 CGIScript.net csNews.cgi allows remote authenticated users to execute ...
CVE-2002-1196 editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before
CVE-2002-1196 editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2...
CVE-2002-1436 The web handler for Perl 5.003 on Novell NetWare 5
CVE-2002-1437 Directory traversal vulnerability in the web handler for Perl 5.003 on.
CVE-2002-1438 The web handler for Perl 5.003 on Novell NetWare 5
CVE-2002-1635 The Apache configuration file (httpd.conf) in Orac
CVE-2002-1750 csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 a
CVE-2002-1751 csLiveSupport.cgi in CGIScript.net csLiveSupport a
CVE-2002-1752 csChatRBox.cgi in CGIScript.net csChat-R-Box allow
CVE-2002-1753 csNewsPro.cgi in CGIScript.net csNews Professional
CVE-2002-1825 Non-CPAN code; PerlRTE_example1.pl in WASD
CVE-2002-2131 Non-CPAN code; Perl-HTTPd
CVE-2002-2256 Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier...
CVE-2003-0495 Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote ...
CVE-2003-0562 Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1...
CVE-2003-0770 FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not pro...
CVE-2003-1287 Sambar Server before 6.0 beta 3 allows attackers with physical access ...
CVE-2003-1426 Openwebmail in cPanel 5.0, when run using suid Perl, adds the director...
CVE-2004-0230 TCP, when using a large Window Size, makes it easier for remote attack
CVE-2004-0241 X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via...
CVE-2004-0976 Multiple scripts in the perl package in Trustix Secure Linux 1.5 throu...
CVE-2004-1677 pdesk.cgi in PerlDesk allows remote attackers to gain sensitive inform...
CVE-2004-1678 Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remo...
CVE-2004-1982 Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify record...
CVE-2004-2103 Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise
CVE-2004-2550 Multiple cross-site scripting (XSS) vulnerabilities in unspecified Per...
CVE-2005-0130 Certain Perl scripts in Konversation 0.15 allow remote attackers to ex...
CVE-2005-0343 SQL injection vulnerability in PerlDesk 1.x allows remote attackers to...
CVE-2005-0436 Non-CPAN code; AWStats
CVE-2005-0437 Non-CPAN code; AWStats
CVE-2005-1527 Non-CPAN code; AWStats
CVE-2005-2491 Integer overflow in pcre_compile.c in Perl Compatible Regular Expressi...
CVE-2005-2837 Multiple eval injection vulnerabilities in PlainBlack Software WebGUI
CVE-2005-2837 Multiple eval injection vulnerabilities in PlainBlack Software WebGUI ...
CVE-2005-2854 CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedba...
CVE-2005-3066 Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver ...
CVE-2005-3351 Non-CPAN code; SpamAssassin
CVE-2005-3351 SpamAssassin
CVE-2005-3912 Format string vulnerability in miniserv.pl Perl web server in Webmin b...
CVE-2005-4158 Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear
CVE-2005-4162 Cross-site scripting (XSS) vulnerability in cal_make.pl in ACME PerlCa...
CVE-2005-4261 Unspecified vulnerability in Positive Software Corporation CP+ (cpplus...
CVE-2005-4278 Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo
CVE-2005-4780 ** DISPUTED ** Cross-site scripting (XSS) vulnerability in Fidra Light...
CVE-2005-4872 Perl-Compatible Regular Expression (PCRE) library
CVE-2006-0203 membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not veri...
CVE-2006-0628 myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute a...
CVE-2006-0735 Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML:...
CVE-2006-0780 Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in Pe...
CVE-2006-0781 Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and e...
CVE-2006-0782 Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier a...
CVE-2006-0959 SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03...
CVE-2006-1477 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tool...
CVE-2006-1478 Directory traversal vulnerability in (1) initiate.php and (2) possibly...
CVE-2006-1566 libtunepimp-perl
CVE-2006-3207 Directory traversal vulnerability in newpost.php in Ultimate PHP Board...
CVE-2006-3392 Webmin before 1.290 and Usermin before 1.220 calls the simplify_path f...
CVE-2006-3554 Directory traversal vulnerability in index.php in MKPortal 1.0.1 Final...
CVE-2006-3589 vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructu...
CVE-2006-3813 A regression error in the Perl package for Red Hat Enterprise Linux 4 ...
CVE-2006-3819 Eval injection vulnerability in the configure script in TWiki 4.0.0 th...
CVE-2006-4731 Multiple directory traversal vulnerabilities in (1) login.pl and (2) a...
CVE-2006-4994 Multiple unquoted Windows search path vulnerabilities in Apache Friend...
CVE-2006-5872 login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows...
CVE-2006-6687 Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal ...
CVE-2006-6688 Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edit...
CVE-2006-7225 Perl-Compatible Regular Expression (PCRE) library
CVE-2006-7226 Perl-Compatible Regular Expression (PCRE) library
CVE-2006-7227 Integer overflow in Perl-Compatible Regular Expres
CVE-2006-7228 Integer overflow in Perl-Compatible Regular Expres
CVE-2006-7230 Perl-Compatible Regular Expression (PCRE) library
CVE-2007-0669 Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local us
CVE-2007-0792 The mod_perl initialization script in Bugzilla 2.23.3 does not set the
CVE-2007-1359 Interpretation conflict in ModSecurity (mod_security) 2.1.0 and earlie
CVE-2007-1489 Unspecified vulnerability in web-app.org Web Automated Perl Portal
CVE-2007-1659 Perl-Compatible Regular Expression (PCRE) library
CVE-2007-1660 Perl-Compatible Regular Expression (PCRE) library
CVE-2007-1661 Perl-Compatible Regular Expression (PCRE) library
CVE-2007-1662 Perl-Compatible Regular Expression (PCRE) library
CVE-2007-3295 Directory traversal vulnerability in Yet another Bulletin Board (YaBB)
CVE-2007-3944 Multiple heap-based buffer overflows in the Perl Compatible Regular
CVE-2007-4144 Cross-site scripting (XSS) vulnerability in sample-forms/simple-contac
CVE-2007-4596 The perl extension in PHP does not follow safe_mode restrictions, whic
CVE-2007-4766 Multiple integer overflows in Perl-Compatible Regular Expression
CVE-2007-4767 Perl-Compatible Regular Expression (PCRE) library
CVE-2007-4768 Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE
CVE-2008-0171 regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (ak...
CVE-2008-1604 Non-CPAN code; PerlMailer
CVE-2008-1604 PerlMailer
CVE-2008-2371 Heap-based buffer overflow in pcre_compile.c in th
CVE-2008-3502 Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through...
CVE-2008-4798 Non-CPAN code; WebGUI-Asset
CVE-2008-4798 WebGUI
CVE-2008-4997 ** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local us...
CVE-2008-5305 Non-CPAN code; Twiki
CVE-2008-6474 The management interface in F5 BIG-IP 9.4.3 allows remote authenticat
CVE-2008-6724 Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste
CVE-2009-0486 Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls t
CVE-2009-0667
CVE-2009-0689 Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa
CVE-2009-2565 Non-CPAN code; shiromuku(fs6)DIARY ???
CVE-2009-2565 rando CGI scripts
CVE-2009-2625 Java Xerces2
CVE-2009-2899 The monitor perl script in the Sybase database plug-in in SpringSource
CVE-2009-2946 Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in de
CVE-2009-3560 The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a
CVE-2009-3845 The port-3443 HTTP server in HP OpenView Network Node Manager
CVE-2009-5081 The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) con
CVE-2010-1169 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.
CVE-2010-2389 Unspecified vulnerability in the Perl component in Oracle Database Ser.
CVE-2010-3433 The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30
CVE-2010-3476 Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x
CVE-2011-0923 The client in HP Data Protector does not properly validate EXEC_CMD
CVE-2012-0453 Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzi
CVE-2012-2981 Webmin 1.590 and earlier allows remote authenticated users to execute
CVE-2012-3504 The nssconfigFound function in genkey.pl in crypto-utils 2.4.1-34 allo
CVE-2012-5697 The btinstall installation script in Bulb Security Smartphone Pentest
CVE-2012-5932 Eval injection vulnerability in the ldapagnt_eval function in ldapagnt
CVE-2013-1751 TWiki before 5.1.4 allows remote attackers to execute arbitrary shell
CVE-2013-2751 Eval injection vulnerability in frontview/lib/np_handler.pl in the Fro
CVE-2013-4279 imapsync 1.564 and earlier performs a release check by default, which
CVE-2014-0931 Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN
CVE-2014-1572 The confirm_create_account function in the account-creation feature in
CVE-2014-1573 Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before
CVE-2014-3897 Cross-site scripting (XSS) vulnerability in Homepage Decorator
CVE-2014-7180 Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3
CVE-2014-7236 Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before
CVE-2014-8630 Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x
CVE-2015-0868 Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI
CVE-2015-0871 Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI
CVE-2015-0873 Cross-site scripting (XSS) vulnerability in Homepage Decorator
CVE-2015-0898 futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows
CVE-2015-1592 Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro
CVE-2015-2327 PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1
CVE-2015-2328 PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/
CVE-2015-3210 Heap-based buffer overflow in PCRE 8.34 through 8.
CVE-2015-3217 PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mi
CVE-2015-5073 Heap-based buffer overflow in the find_fixedlength function in pcre_co
CVE-2015-8380 The pcre_exec function in pcre_exec.c in PCRE befo
CVE-2015-8381 The compile_regex function in pcre_compile.c in PC
CVE-2015-8382 The match function in pcre_exec.c in PCRE before 8
CVE-2015-8383 PCRE before 8.38 mishandles certain repeated condi
CVE-2015-8384 PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{
CVE-2015-8385 PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm
CVE-2015-8386 PCRE before 8.38 mishandles the interaction of loo
CVE-2015-8387 PCRE before 8.38 mishandles (?123) subroutine call
CVE-2015-8388 PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?
CVE-2015-8389 PCRE before 8.38 mishandles the /(?:|a|){100}x/ pa
CVE-2015-8390 PCRE before 8.38 mishandles the [: and \\ substrin
CVE-2015-8391 The pcre_compile function in pcre_compile.c in PCR
CVE-2015-8392 PCRE before 8.38 mishandles certain instances of t
CVE-2015-8393 pcregrep in PCRE before 8.38 mishandles the -q opt
CVE-2015-8394 PCRE before 8.38 mishandles the (?(<digits>) and (
CVE-2015-8395 PCRE before 8.38 mishandles certain references, wh
CVE-2016-1211 Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List
CVE-2016-1283 The pcre_compile2 function in pcre_compile.c in PC
CVE-2016-1531 Exim before 4.86.2, when installed setuid root, allows local users to
CVE-2016-7489 Teradata Virtual Machine Community Edition v15.10's perl script /opt/t
CVE-2017-12763 An unspecified server utility in NoMachine before 5.3.10 on Mac OS X
CVE-2017-14867 Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x
CVE-2017-4985 In EMC VNX2 versions prior to OE for File 8.1.9.21
CVE-2017-6972 AlienVault USM and OSSIM before 5.3.7 and NfSen be
CVE-2018-11189 Quest DR Series Disk Backup software version befor
CVE-2018-20911 cPanel before 70.0.23 allows code execution becaus
CVE-2019-20327 Insecure permissions in cwrapper_perl
CVE-2020-24045 A sandbox escape issue was discovered in TitanHQ S
CVE-2020-26574 ** UNSUPPORTED WHEN ASSIGNED ** Leostream Connecti
CVE-2020-36163 An issue was discovered in Veritas NetBackup and O
CVE-2021-38587 cPanel before 96.0.13, scripts/fix-cpanel-perl
CVE-2021-38588 cPanel before 96.0.13, fix_cpanel_perl lacks ve
CVE-2021-38589 cPanel before 96.0.13, scripts/fix-cpanel-perl
CVE-2021-41550 Leostream Connection Broker 9.0.40.17 allows admin
CVE-2022-30688 needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation.
CVE-2022-33941 PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability.
CVE-2022-39051 OTRS - Attacker might be able to execute malicious Perl code in the Template toolkit, by having the admin install an unverified 3rd party package
CVE-2023-26490 dovecot container stuff
CVE-2022-44542 lesspipe's misuse of Storable
CVE-2023-2868 Barracuda misuse of non-Perl things
CVE-2023-6078 BIOVIA Materials Studio
CVE-2024-23793 OTRS - not at all about Perl