3325 matches found
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal as demonstrated by getlocal(32^31).
...
CVE-2024-39840
Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...
CVE-2024-39840
Factorio before 1.1.101 is affected. A crafted server map can trigger arbitrary code execution on clients by abusing certain Lua base module functions to execute bytecode and create fake objects. Affected component: Factorio server/client interaction via custom maps; root cause: Lua base module f...
CVE-2024-39207
lua-shmem v1.0-1 was discovered to contain a buffer overflow via the shmem_write function...
PT-2024-28387 · Lua-Shmem · Lua-Shmem
Name of the Vulnerable Software and Affected Versions: lua-shmem version 1.0-1 Description: A buffer overflow issue was discovered in lua-shmem via the shmem write function. Recommendations: For lua-shmem version 1.0-1, consider disabling the shmem write function until a patch is available...
luci-app-lucky security vulnerability
luci-app-lucky is a LuCI application designed for OpenWrt firmware by the individual developer gdy666. A security vulnerability exists in luci-app-lucky version v2.8.3, which stems from the use of hard-coded credentials...
CVE-2024-39207
Lua-shmem v1.0-1 contains a buffer overflow in the shmem_write function. The CVE-2024-39207 entry (CVSS v3.1: 8.2, HIGH) indicates network attack vector with no privileges, no user interaction, causing high availability impact and low integrity impact. Connected advisories corroborate the same de...
Malicious code in lua-circuit-breaker (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2641 Malicious code in lua-circuit-breaker (npm)
--- -= Per source details. Do not edit below this line.=-...
Advisory ROSA-SA-2024-2431
Software: lua 5.3.4 OS: ROSA Virtualization 2.1 packageevrstring: lua-5.3.4 CVE-ID: CVE-2021-43519 BDU-ID: None CVE-Crit: N/A CVE-DESC.: Stack overflow in lua_resume of the ldo.c file in Lua Interpreter allows attackers to perform a denial of service via a crafted script file. CVE-STATUS: Not...
OPENSUSE-SU-2024:10163-1 lua-rrdtool-1.6.0-1.1 on GA media
These are all security issues fixed in the lua-rrdtool-1.6.0-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger's protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
RHEL 8 : redis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - redis: Redis SORT_RO may bypass ACL configuration CVE-2023-41053 Note that Nessus has not tested for this issue but...
RHEL 7 : lua (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lua: overflow flaw in vararg functions CVE-2014-5461 Note that Nessus has not tested for this issue but has instead...
RHEL 6 : lua (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lua: overflow flaw in vararg functions CVE-2014-5461 Note that Nessus has not tested for this issue but has instead...
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.
More than 600,000 small office/home office SOHO routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023,...