CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

OSV•added 2021/11/09 1:15 p.m.•3 views

AZL-41445 CVE-2021-43519 affecting package ntopng for versions less than 5.2.1-5

Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...

5.5CVSS6.5AI score0.01136EPSS

Exploits1References1

Prion•added 2021/11/09 1:15 p.m.•18 views

Stack overflow

Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...

4.3CVSS5.8AI score0.01136EPSS

Exploits1References4Affected Software2

OSV•added 2021/11/09 1:15 p.m.•1 views

UBUNTU-CVE-2021-43519

Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...

5.5CVSS6.4AI score0.01136EPSS

Exploits1References5

UbuntuCve•added 2021/11/09 1:15 p.m.•32 views

CVE-2021-43519

Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...

5.5CVSS6.5AI score0.01136EPSS

Exploits1References4

CVE•added 2021/11/09 12:26 p.m.•140 views

CVE-2021-43519

CVE-2021-43519: Lua stack overflow in lua_resume (ldo.c) of Lua 5.1.0–5.4.4 allows DoS via crafted script files. Connected findings show affected packages across distributions: MiracleLinux 9 (lua-5.4.4-2.el9), Linux distros with lua/memcached/ntopng packages, and Mariner/CBL Mariner advisories r...

5.5CVSS5.5AI score0.01136EPSS

Exploits1References4Affected Software1

CNNVD•added 2021/11/09 12:0 a.m.•2 views

Lua 缓冲区错误漏洞

Lua is a lightweight, extensible open source scripting language from the Lua LUA team. A buffer error vulnerability exists in Lua Interpreter that stems from luaresume in the product ldo.c file failing to properly handle data files. An attacker could use this vulnerability to cause a denial of...

5.5CVSS6.4AI score0.01136EPSS

Exploits1References7

BDU FSTEC•added 2021/10/20 12:0 a.m.•2 views

The vulnerability of Lua interpreter in the Redis database management system allows attackers to execute arbitrary code.

The vulnerability of Lua interpreter in the Redis database management system is related to the possibility of buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6CVSS7.2AI score0.15126EPSS

Exploits0References12Affected Software6

BDU FSTEC•added 2021/07/20 12:0 a.m.•2 views

The vulnerability of the ldebug.c component of the Lua script interpreter, related to a numerical loss of significance, allows an attacker to trigger a service failure.

The vulnerability of the ldebug.c component of the Lua script interpreter is related to a numerical loss of significance. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

5.3CVSS6.3AI score0.03865EPSS

Exploits1References13Affected Software5

BDU FSTEC•added 2020/12/15 12:0 a.m.•2 views

The vulnerability of the Lua interpreter used in Cisco IOS XE operating systems allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the Lua interpreter used in Cisco IOS XE operating systems is related to insufficient restrictions on function calls. Exploiting this vulnerability allows an attacker to execute arbitrary code with root privileges...

5.2CVSS7.4AI score0.00386EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2020/10/02 12:0 a.m.•96 views

Cisco IOS XE Software Arbitrary Code Execution (cisco-sa-ios-lua-rce-7VeJX4f)

According to its self-reported version, Cisco IOS XE Software is affected by an arbitrary code execution vulnerability in its Lua interpreter due to insufficient permission checks on Lua function calls. An authenticated, local attacker can exploit this to bypass authentication and execute arbitra...

7.2CVSS8AI score0.00386EPSS

Exploits0References3

NVD•added 2020/09/24 6:15 p.m.•19 views

CVE-2020-3423

A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system OS of an affected device. The vulnerability is due to...

7.2CVSS0.00386EPSS

Exploits0References1

Prion•added 2020/09/24 6:15 p.m.•20 views

Buffer overflow

7.2CVSS6.8AI score0.00386EPSS

Exploits0References1

Vulnrichment•added 2020/09/24 6:1 p.m.•20 views

CVE-2020-3423 Cisco IOS XE Software Arbitrary Code Execution Vulnerability

5.1CVSS7.8AI score0.00386EPSS

Exploits0References1

Cvelist•added 2020/09/24 6:1 p.m.•31 views

CVE-2020-3423 Cisco IOS XE Software Arbitrary Code Execution Vulnerability

5.1CVSS6.8AI score0.00386EPSS

Exploits0References1

Cisco•added 2020/09/24 4:0 p.m.•45 views

Cisco IOS XE Software Arbitrary Code Execution Vulnerability

5.1CVSS2.8AI score0.00386EPSS

Exploits0References1

OSV•added 2020/09/23 1:15 a.m.•0 views

CVE-2019-15992

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating...

7.2CVSS6.1AI score

Exploits0References1

NVD•added 2020/09/23 1:15 a.m.•26 views

CVE-2019-15992

9CVSS0.04122EPSS

Exploits0References1

Prion•added 2020/09/23 1:15 a.m.•14 views

Design/Logic Flaw

9CVSS7.4AI score0.04122EPSS

Exploits0References1Affected Software3

Cvelist•added 2020/09/23 12:27 a.m.•22 views

CVE-2019-15992 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability