ALPINE-CVE-2024-25178

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in ljstate.c...

ALPINE-CVE-2024-25176

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c...

AZL-65424 CVE-2024-25178 affecting package sysbench for versions less than 1.0.20-6

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in ljstate.c...

AZL-65535 CVE-2024-25177 affecting package luajit for versions less than 2.1.0-28

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IRFSTORE for NULL metatable, which leads to Denial of Service DoS...

DEBIAN-CVE-2024-25177

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IRFSTORE for NULL metatable, which leads to Denial of Service DoS...

AZL-65370 CVE-2024-25176 affecting package luajit for versions less than 2.1.0-27

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c...

DEBIAN-CVE-2024-25178

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in ljstate.c...

DEBIAN-CVE-2024-25176

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c...

UBUNTU-CVE-2024-25178

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in ljstate.c...

UBUNTU-CVE-2024-25176

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the ljstrfmtwfnum function in ljstrfmtnum.c. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Gist - GitHub Issue Credit: Kutyavin Maxim...

LuaJIT 安全漏洞

LuaJIT is a LuaJIT open source on-the-fly compiler for the Lua language. A security vulnerability exists in LuaJIT 2.1 and earlier versions that stems from improper handling of IRFSTORE for NULL meta-tables, which could lead to a denial-of-service attack...

📄 Wing FTP Server NULL-byte Authentication Bypass

Wing FTP Server allows arbitrary Lua code injection via a NULL-byte %00 truncation bug CVE-2025-47812. Supplying %00 as the username makes the C++ authentication routine validate only the prefix, while the full string is written unfiltered into the session file and later executed with root/SYSTEM...

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 - Wing FTP Server RCE Exploit This repository...

Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server

CVE-2025-47812 – Wing FTP Server RCE via Lua Injection Auth...

Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution RCE CVE: CVE-2025-47812 Date: 2025-06-30 Exploit Author: Sheikh Mohammad Hasan aka 4m3rr0r https://github.com/4m3rr0r Vendor Homepage: https://www.wftpserver.com/ Version: Wing FTP Server = 7.4.3 Tested on: Linux Root...

CVE-2025-52938

Out-of-bounds Read vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar in lparser.c lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read th...

ROS-20250624-04

A vulnerability in the Lua script interpreter is related to segmentation errors in changedline in ldebug.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-52939

Out-of-bounds Write vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects NotepadNext: through v0.11...

CVE-2025-52938

Out-of-bounds Read vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects NotepadNext: through v0.11. The singlevar in lparser.c lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read th...