Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : lua-5.4.4-3.el9 (AXSA:2023-5344:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5344:03 advisory. lua: heap buffer overread CVE-2022-28805 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

9.1CVSS8.1AI score0.02919EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-28805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that...

9.1CVSS8.1AI score0.02919EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/07/31 12:0 a.m.71 views

Ubuntu 22.04 LTS : Lua vulnerabilities (USN-6916-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6916-1 advisory. It was discovered that Lua did not properly generate code when ENV is constant. An attacker could possibly use this issue to cause a denial of service or...

9.1CVSS7.7AI score0.02919EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2024/07/30 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-6916-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.1AI score0.02919EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2024/07/29 4:27 a.m.108 views

USN-6916-1: Lua vulnerabilities

It was discovered that Lua did not properly generate code when "ENV" is constant. An attacker could possibly use this issue to cause a denial of service or execute arbitrary unstrusted lua code. CVE-2022-28805 It was discovered that Lua did not properly handle C stack overflows during error...

9.1CVSS7.5AI score0.02919EPSS
Exploits2
CBLMariner
CBLMariner
added 2024/06/21 9:32 a.m.19 views

CVE-2022-28805 affecting package ntopng for versions less than 5.2.1-3

CVE-2022-28805 affecting package ntopng for versions less than 5.2.1-3. A patched version of the package is available...

9.1CVSS6.9AI score0.02919EPSS
Exploits1
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.17 views

CVE-2022-28805 affecting package lua for versions less than 5.4.4-2

CVE-2022-28805 affecting package lua for versions less than 5.4.4-2. A patched version of the package is available...

6.4CVSS9.3AI score0.02919EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.28 views

CentOS 9 : lua-5.4.4-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the lua-5.4.4-3.el9 build changelog. - singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-re...

9.1CVSS8.2AI score0.02919EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/25 1:48 p.m.46 views

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands are vulnerable to arbitrary code execution due to [CVE-2022-28805]

Summary Lua is not used directly by IBM App Connect Enterprise Certified Container at runtime, but is present in the Dashboard operand images. Lua is vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability in Lua. CVE-2022-28805...

9.1CVSS9.6AI score0.02919EPSS
Exploits1Affected Software1
Oracle linux
Oracle linux
added 2023/05/15 12:0 a.m.98 views

lua security update

5.4.4-3 - Apply upstream patch for CVE-2022-28805...

9.1CVSS7.1AI score0.02919EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.55 views

AlmaLinux 9 : lua (ALSA-2023:2582)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2582 advisory. - singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that mig...

9.1CVSS8.2AI score0.02919EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/05/09 10:3 a.m.37 views

Low: Red Hat Security Advisory: lua security update

An update for lua is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

9.1CVSS7.3AI score0.02919EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.30 views

Low: lua security update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: heap buffer overread CVE-2022-28805 For more details about the security issues,...

9.1CVSS8.7AI score0.02919EPSS
Exploits1References4
OSV
OSV
added 2023/05/09 12:0 a.m.35 views

ALSA-2023:2582 Low: lua security update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: heap buffer overread CVE-2022-28805 For more details about the security issues,...

9.1CVSS8.4AI score0.02919EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.27 views

CBL Mariner 2.0 Security Update: lua (CVE-2022-28805)

The version of lua installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28805 advisory. - singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call,...

9.1CVSS8.2AI score0.02919EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2022/06/03 5:54 p.m.16 views

CVE-2022-28805 affecting package lua for versions less than 5.4.3-2

CVE-2022-28805 affecting package lua for versions less than 5.4.3-2. A patched version of the package is available...

9.1CVSS9.4AI score0.02919EPSS
Exploits1
CBLMariner
CBLMariner
added 2022/05/12 2:16 a.m.19 views

CVE-2022-28805 affecting package lua 5.3.5-8

CVE-2022-28805 affecting package lua 5.3.5-8. A patched version of the package is available...

9.1CVSS9.9AI score0.02919EPSS
Exploits1
OSV
OSV
added 2022/04/08 6:15 a.m.55 views

CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

9.1CVSS2AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2022/04/08 6:15 a.m.46 views

CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

9.1CVSS7.1AI score0.02919EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/04/08 12:0 a.m.105 views

CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

9.1CVSS8.4AI score0.02919EPSS
Exploits1
Rows per page
Query Builder