95 matches found
JLSEC-2026-558
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
JLSEC-2026-556
Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...
CVE-2026-45721
Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured server root — looking for a file named handler.lua to execute a...
PT-2026-47115
Stack overflow in lua resume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...
PT-2026-47116
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations NGOs and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua...
CVE-2026-20100
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
EUVD-2026-9439
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
CVE-2026-20100
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
CVE-2026-20100
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
CVE-2026-20100
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
CVE-2026-20100
CVE-2026-20100 affects Cisco Secure Firewall ASA/FTD: a vulnerability in the LUA interpreter used by Remote Access SSL VPN could allow an authenticated attacker with a valid VPN connection to cause a device reload and a DoS. The issue stems from unvalidated user input in the LUA interpreter; expl...
CVE-2026-20100
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
PT-2026-22979
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
CVE-2026-22208
OpenS100 the reference implementation S-100 viewer prior to commit 753cf29 contains a remote code execution vulnerability via an unrestricted Lua interpreter. The Portrayal Engine initializes Lua using luaLopenlibs without sandboxing or capability restrictions, exposing standard libraries such as...
OpenS100 安全漏洞
OpenS100 is an IHO S-101 ENC viewer developed by S-100Viewer personal developers. OpenS100 has a security vulnerability, which stems from an unrestricted Lua interpreter. This vulnerability could allow attackers to execute arbitrary code through malicious S-100 description directories...
PT-2026-20300
Name of the Vulnerable Software and Affected Versions OpenS100 versions prior to commit 753cf29 Description The software contains a remote code execution issue due to an unrestricted Lua interpreter. The Portrayal Engine initializes Lua using luaL openlibs without sandboxing or capability...
Exploit for Use After Free in Redis
PoC exploit for CVE-2025-49844, a high-risk vulnerability in Redis database, known as "RediShell", caused by a use-after-free flaw in the Lua interpreter. The vulnerability allows an unauthenticated attacker or an attacker with Redis access to trigger memory corruption by crafting a Lua script,...
Exploit for Use After Free in Redis
CVE-2025-49844 RediShell Vulnerability Scanner Описание...