UBUNTU-CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

CVE-2022-50934

Rejected reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue...

CVE-2022-50934

CVE-2022-50934 entry rejected; CNA withdrew; not a security issue.

CVE-2022-50934

...

PT-2026-2410

Name of the Vulnerable Software and Affected Versions Wing FTP Server versions 4.3.8 and below Description The software contains a remote code execution issue that allows attackers to execute arbitrary PowerShell commands. An attacker can leverage a crafted Lua script payload, base64-encoded with...

📄 Wing FTP Server NULL-byte Authentication Bypass

Wing FTP Server allows arbitrary Lua code injection via a NULL-byte %00 truncation bug CVE-2025-47812. Supplying %00 as the username makes the C++ authentication routine validate only the prefix, while the full string is written unfiltered into the session file and later executed with root/SYSTEM...