Lucene search
+L

28 matches found

SUSE CVE
SUSE CVE
added 2026/04/24 1:28 a.m.11 views

SUSE CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

10CVSS6.2AI score0.00374EPSS
Exploits0References3
OSV
OSV
added 2026/04/23 2:16 a.m.6 views

DEBIAN-CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

10CVSS6.1AI score0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/23 12:28 a.m.5 views

CVE-2026-41196 Luanti has a mod security sandbox escape

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

9CVSS6.2AI score0.00374EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/23 12:28 a.m.31 views

CVE-2026-41196 Luanti has a mod security sandbox escape

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

9CVSS0.00374EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/23 12:28 a.m.8 views

EUVD-2026-25154

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

9CVSS6.2AI score0.00374EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:28 a.m.13 views

CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

9CVSS6.2AI score0.00374EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.10 views

PT-2026-34594

Name of the Vulnerable Software and Affected Versions Luanti versions 5.0.0 through 5.15.1 Description A malicious mod can escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This issue affects server-side mods, async, mapgen, and...

10CVSS6.2AI score0.00374EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-41196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially...

10CVSS6.1AI score0.00374EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/16 11:27 p.m.6 views

SUSE CVE-2026-40960

Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trustedmods or secure.httpmods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it...

8.1CVSS5.7AI score0.00171EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/16 12:51 a.m.5 views

CVE-2026-40959

Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...

9.3CVSS5.8AI score0.00182EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.9 views

PT-2026-33197

Name of the Vulnerable Software and Affected Versions Luanti versions 5.0 through 5.15.1 Description A sandbox escape exists when LuaJIT is used, allowing a crafted mod to execute arbitrary code outside the game engine. Recommendations Update to version 5.15.2...

9.3CVSS6.2AI score0.00182EPSS
Exploits0References15
NVD
NVD
added 2026/01/14 5:16 p.m.10 views

CVE-2026-21889

Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. This vulnerability is fixed in 5.15.2...

7.5CVSS0.00323EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.7 views

PT-2026-2916

Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.15.2 Description Weblate is a web-based localization tool. Prior to version 5.15.2, screenshot images were served directly by the HTTP server without appropriate access controls. This allowed an unauthenticated user...

7.5CVSS5.9AI score0.00323EPSS
Exploits0References17
OSV
OSV
added 2024/06/15 12:0 a.m.10 views

OPENSUSE-SU-2024:11879-1 libQt5Bootstrap-devel-static-32bit-5.15.2+kde294-4.1 on GA media

These are all security issues fixed in the libQt5Bootstrap-devel-static-32bit-5.15.2+kde294-4.1 package on the GA media of openSUSE Tumbleweed...

7.8CVSS7.8AI score0.00334EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.15 views

OPENSUSE-SU-2024:11813-1 libQt5Bootstrap-devel-static-32bit-5.15.2+kde294-2.1 on GA media

These are all security issues fixed in the libQt5Bootstrap-devel-static-32bit-5.15.2+kde294-2.1 package on the GA media of openSUSE Tumbleweed...

7.8CVSS7.6AI score0.00894EPSS
Exploits0References1
NVD
NVD
added 2024/06/11 6:15 a.m.22 views

CVE-2024-31397

Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service DoS condition...

4.9CVSS0.00454EPSS
Exploits0References2
OSV
OSV
added 2024/06/11 6:15 a.m.6 views

CVE-2024-31397

Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service DoS condition...

4.9CVSS5.7AI score0.00454EPSS
Exploits0References2
OSV
OSV
added 2024/06/11 5:15 a.m.4 views

CVE-2024-31401

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the product...

9CVSS5.9AI score0.00504EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/11/24 12:0 a.m.32 views

WordPress Abandoned Cart Lite for WooCommerce Plugin < 5.15.2 Authentication Bypass Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tychesoftwares:abandonedcartliteforwoocommerce"; if...

9.8CVSS7AI score0.41077EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2023/11/03 12:0 a.m.19 views

Zoom Client for Meetings 5.15.0 < 5.15.2 Vulnerability (ZSB-23025)

The version of Zoom Client for Meetings installed on the remote host is between 5.15.0 and 5.15.2. It is, therefore, affected by a vulnerability as referenced in the ZSB-23025 advisory. - Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive...

7.5CVSS7.3AI score0.0053EPSS
Exploits0References2
Rows per page
Query Builder