Fedora 44 : valkey (2026-3e31dafe5c)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3e31dafe5c advisory. Version 9.0.4 Security fixes - CVE-2026-23479 Use-After-Free in unblock client flow - CVE-2026-25243 Invalid Memory Access in RESTORE command -...

Debian dsa-6279 : redis - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6279 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6279-1 [email protected]...

Fedora 42 : valkey (2026-114b1e5d3a)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-114b1e5d3a advisory. Version 8.0.9 Security fixes - CVE-2026-23479 Use-After-Free in unblock client flow - CVE-2026-25243 Invalid Memory Access in RESTORE command -...

CLSA-2026-1778845249 redis: Fix of 2 CVEs

CVE-2026-23631: fix use-after-free in readSyncBulkPayload when fullsync happens while a Lua script is timed out on the replica - CVE-2026-25243: fix invalid memory access in RESTORE on crafted zipmap, listpack and stream PEL payloads...

Exploit for CVE-2026-44403

Wing FTP Server v8.1.2 contains a Remote Code Execution RCE vu...

MGASA-2026-0134 Updated redis packages fix security vulnerabilities

CVE-2026-23479 Use-After-Free in unblock client flow may lead to Remote Code Execution. CVE-2026-25243 Invalid memory access in RESTORE may lead to Remote Code Execution CVE-2026-23631 Lua Use-After-Free may lead to remote code execution A user can manipulate data read by a connection by injectin...

Updated redis packages fix security vulnerabilities

CVE-2026-23479 Use-After-Free in unblock client flow may lead to Remote Code Execution. CVE-2026-25243 Invalid memory access in RESTORE may lead to Remote Code Execution CVE-2026-23631 Lua Use-After-Free may lead to remote code execution A user can manipulate data read by a connection by injectin...

TencentOS Server 4: redis (TSSA-2026:0218)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0218 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

EUVD-2026-29848

Wing FTP Server 8.1.2 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code through the domain admin mydirectory field. Attackers can exploit unsafe serialization of session values...

CVE-2026-44403

Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code through the domain admin mydirectory field. Attackers can exploit unsafe serialization of session...

CVE-2026-44403 Wing FTP Server < 8.1.3 Authenticated Remote Code Execution via Session Serialization

Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code through the domain admin mydirectory field. Attackers can exploit unsafe serialization of session...

CVE-2026-44403

Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code through the domain admin mydirectory field. Attackers can exploit unsafe serialization of session...

CVE-2026-44403 Wing FTP Server < 8.1.3 Authenticated Remote Code Execution via Session Serialization

Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary Lua code through the domain admin mydirectory field. Attackers can exploit unsafe serialization of session...

CVE-2026-44403

Wing FTP Server 8.1.2 is affected: an authenticated remote code execution due to unsafe session serialization that injects Lua via the domain admin mydirectory field, leading to code execution when a poisoned session is loaded with loadfile(). Root cause: unsafe serialization of session values in...

PT-2026-40434

Name of the Vulnerable Software and Affected Versions Wing FTP Server version 8.1.2 Description An authenticated remote code execution issue exists in the session serialization mechanism. Authenticated administrators can inject arbitrary Lua code through the domain admin mydirectory field. This...

Exploiting-RCC

Exploiting open ports in RCC Service Having all RCC ports ope...

Windows Registry Security Audit Scanner

This C++ program is a Windows Registry Security Scanner designed for defensive auditing. It checks the presence and status of critical system registry keys such as LSA, Windows Defender, Winlogon, and system policy configurations. It also inspects user accessibility-related registry paths under...

Ubuntu 16.04 LTS : Lua vulnerability (USN-8262-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8262-1 advisory. It was discovered that the Lua parser incorrectly handled garbage collection when processing specially crafted Lua scripts. A remote attacker could possibly use...

Unity Linux 20.1060e / 20.1070e Security Update: redis (UTSA-2026-017593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017593 advisory. Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debuggers...

Unity Linux 20.1070e Security Update: redis6 (UTSA-2026-017741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017741 advisory. Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua...