201 matches found
Important: redis:5 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
CVE-2021-32626
A heap buffer overflow was found in redis. Specially crafted Lua scripts executing in Redis cause the heap-based Lua stack to overflow due to incomplete checks for this condition. This flaw allows a remote attacker to corrupt the heap and potentially trigger remote code execution. The highest...
CVE-2020-14939
An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...
Code injection
An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...
UBUNTU-CVE-2020-14939
An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...
PT-2020-14076 · Freedroidrpg +1 · Freedroidrpg +1
Name of the Vulnerable Software and Affected Versions: FreedroidRPG version 1.0rc2. Description: An issue was discovered in savestruct_internal.c where saved game files, composed of Lua scripts, can be modified to include arbitrary Lua code. This leads to arbitrary code execution during game...
PT-2019-3973 · Cisco +1 · Cisco Ftd +2
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the implementation of the Lua interpreter integrated in...
CUJO Smart Firewall Code Injection Vulnerability
CUJO Smart Firewall is a home smart firewall device from CUJO USA. A code injection vulnerability exists in the Safe Browsing feature in the CUJO Smart Firewall using firmware version 7003. An attacker can exploit this vulnerability by sending an HTTP request to execute arbitrary Lua scripts in t...
Bitdefender BOX 2 bootstrap update_setup command execution vulnerability
Summary: An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/update_setup does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution o...
Bitdefender BOX 2 bootstrap download_image command injection vulnerability
Summary: An exploitable command injection vulnerability exists in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/download_image unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands...
Outpost24 Appsec Scale for Web Application Scanning
Today I would like to write about yet another Outpost24 product - cloud Web Application Scanner Appsec Scale. It is available in the same interface as Outpost24 Outscan, that I reviewed earlier. Select APPSEC SCALE in the start menu and you can scan web applications: New application If you don't...
Wireshark Code Execution and Denial of Service Vulnerabilities (Mac OS X)
This host is installed with Wireshark and is prone to code execution and denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkcodeexecndosvulnmacosx.nasl 5988 2017-04-20 09:02:29Z teissa $ Wireshark Code Execution and Denial of Service Vulnerabilities Mac OS X Authors:...
Wireshark Code Execution and Denial of Service Vulnerabilities - Mac OS X
Wireshark is prone to code execution and denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Wireshark Lua Untrusted Search Path vulnerability
Added: 11/25/2011. CVE: CVE-2011-3360. BID: 49528. OSVDB: 75347. Background: Wireshark is a network packet analyzer. Problem: A vulnerability in Wireshark allows execution of arbitrary Lua scripts placed in untrusted directories which are included in Wireshark's search path. Resolution: Upgrade to...
Wireshark 1.6.x < 1.6.2 Multiple Vulnerabilities
The installed version of Wireshark is 1.6.x before 1.6.2. This version is affected by the following vulnerabilities: - An error exists in the IKE dissector that can allow denial of service attacks when processing certain malformed packets. (CVE-2011-3266) - A buffer exception handling vulnerability...
Wireshark 1.4.x < 1.4.9 Multiple Vulnerabilities
The installed version of Wireshark is 1.4.x before 1.4.9. This version is affected by the following vulnerabilities: - An error exists in the IKE dissector that can allow denial of service attacks when processing certain malformed packets. (CVE-2011-3266) - A buffer exception handling vulnerability...
[SECURITY] Fedora 7 Update: midori-0.0.17-3.fc7
Midori is a lightweight web browser, and has many features expected of a modern browser, including: Full integration with GTK+2. Fast rendering with WebKit. Tabs, windows and session management. Bookmarks are stored with XBEL. Searchbox based on OpenSearch. Custom context menu actions. User scrip...