CVE-2026-28805

creationtimestamp| type| source ---|---|--- 2026-04-01 15:13:27+00:00| published-proof-of-concept| https://github.com/devcode-it/openstamanager/security/advisories/GHSA-3gw8-3mg3-jmpc 2026-04-02 15:21:07+00:00| published-proof-of-concept| Telegram/613aY007LGHyW6rIrja4BsrlzuBvUbPzSCrjge10VR5WoE...

MiracleLinux 9 : lua-5.4.4-3.el9 (AXSA:2023-5344:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5344:03 advisory. lua: heap buffer overread CVE-2022-28805 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

CVE-2023-28805

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105...

Linux Distros Unpatched Vulnerability : CVE-2022-28805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that...

Ubuntu 22.04 LTS : Lua vulnerabilities (USN-6916-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6916-1 advisory. It was discovered that Lua did not properly generate code when ENV is constant. An attacker could possibly use this issue to cause a denial of service or...

Ubuntu: Security Advisory (USN-6916-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-28805

creationtimestamp| type| source ---|---|--- 2024-07-29 22:09:46+00:00| seen| https://t.me/cvedetector/1918...

USN-6916-1: Lua vulnerabilities

It was discovered that Lua did not properly generate code when "ENV" is constant. An attacker could possibly use this issue to cause a denial of service or execute arbitrary unstrusted lua code. CVE-2022-28805 It was discovered that Lua did not properly handle C stack overflows during error...

CVE-2024-28805

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control...

CVE-2022-28805 affecting package ntopng for versions less than 5.2.1-3

CVE-2022-28805 affecting package ntopng for versions less than 5.2.1-3. A patched version of the package is available...

CVE-2022-28805 affecting package lua for versions less than 5.4.4-2

CVE-2022-28805 affecting package lua for versions less than 5.4.4-2. A patched version of the package is available...

CentOS 9 : lua-5.4.4-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the lua-5.4.4-3.el9 build changelog. - singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-re...

CVE-2023-28805

creationtimestamp| type| source ---|---|--- 2023-10-23 18:37:46+00:00| seen| https://t.me/cibsecurity/72773...

CVE-2023-28805

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105...

CVE-2023-28805

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105...

CVE-2023-28805 ZCC on Linux privilege escalation

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105...

CVE-2023-28805 ZCC on Linux privilege escalation

An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105...

CVE-2023-28805

CVE-2023-28805 affects Zscaler Client Connector on Linux prior to 1.4.0.105 due to improper input validation, enabling privilege escalation. Remediation: update to version 1.4.0.105 or later. Exploitation details are not provided in the supplied sources.

BELL-CVE-2022-28805 CVE-2022-28805 does not affect BellSoft software

Bulletin has no description...

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands are vulnerable to arbitrary code execution due to [CVE-2022-28805]

Summary Lua is not used directly by IBM App Connect Enterprise Certified Container at runtime, but is present in the Dashboard operand images. Lua is vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability in Lua. CVE-2022-28805...