3322 matches found

Veracode
added 2023/02/14 7:12 p.m. · 15 views

Improper Input Validation

freedroidrpg:sid is vulnerable to Improper Input Validation. Files within 'savestructinternal.c', where save game data is composed, can be modified to add in any Lua code, which can lead to arbitrary code execution when loading...

7.8 CVSS · 7.9 AI score · 0.01311 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2023/02/13 6:15 p.m. · 2 views

CVE-2023-23551

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code...

9.8 CVSS · 7.6 AI score · 0.00898 EPSS
Exploits 0 · References 1

NVD
added 2023/02/13 6:15 p.m. · 10 views

CVE-2023-23551

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code...

9.8 CVSS · 9.8 AI score · 0.00898 EPSS
Exploits 0 · References 1

Prion
added 2023/02/13 6:15 p.m. · 17 views

Code injection

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code...

7.5 CVSS · 9.7 AI score · 0.00898 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/02/13 5:2 p.m. · 19 views

CVE-2023-23551 X-600M Code Injection

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code...

9.1 CVSS · 9.9 AI score · 0.00898 EPSS
Exploits 0 · References 1

CVE
added 2023/02/13 5:2 p.m. · 46 views

CVE-2023-23551

CVE-2023-23551 affects Control By Web X-600M web-enabled industrial I/O controllers. The vulnerability arises from improper generation of code, allowing Lua-script execution that could let an attacker remotely execute arbitrary code via the network. Affected device: X-600M; root cause: code injec...

9.8 CVSS · 9.8 AI score · 0.00898 EPSS
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2023/02/13 5:2 p.m. · 8 views

CVE-2023-23551 X-600M Code Injection

Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code...

9.1 CVSS · 9.7 AI score · 0.00898 EPSS
Exploits 0 · References 1

CNNVD
added 2023/02/13 12:0 a.m. · 4 views

Control By Web X-600M code injection vulnerability

Control By Web X-600M is a modular, web-enabled industrial I/O controller from Control By Web. The Control By Web X-600M suffers from a code injection vulnerability that stems from running Lua scripts that are susceptible to code injection attacks. An attacker could exploit this vulnerability to...

9.8 CVSS · 8.8 AI score · 0.00898 EPSS
Exploits 0 · References 2

Positive Technologies
added 2023/02/13 12:0 a.m. · 3 views

PT-2023-1509 · Controlbyweb · Control By Web X-600M

Name of the Vulnerable Software and Affected Versions: Control By Web X-600M (affected versions not specified)
Description: The issue is related to code injection in Lua scripts, which could allow an attacker to remotely execute arbitrary code. This is due to errors in code generation. The...

10 CVSS · 9.5 AI score · 0.00898 EPSS
Exploits 0 · References 6

NVD
added 2023/02/12 9:15 p.m. · 10 views

CVE-2020-36661

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

7.5 CVSS · 5 AI score · 0.0092 EPSS
Exploits 0 · References 5

OSV
added 2023/02/12 9:15 p.m. · 14 views

CVE-2020-36661

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

7.5 CVSS · 7.6 AI score · 0.0092 EPSS
Exploits 0 · References 5

Prion
added 2023/02/12 9:15 p.m. · 20 views

Information disclosure

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

5 CVSS · 7.6 AI score · 0.0092 EPSS
Exploits 0 · References 5 · Affected Software 1

CVE
added 2023/02/12 8:31 p.m. · 54 views

CVE-2020-36661

CVE-2020-36661 affects Kong lua-multipart 0.5.8-1. The vulnerability resides in the is_header function in src/multipart.lua, causing inefficient regular expression complexity (ReDoS). The issue has a stated fix: upgrade to version 0.5.9-1, with the patch identified as d632e5df43a2928fd537784a99a7...

7.5 CVSS · 5.6 AI score · 0.0092 EPSS
Exploits 0 · References 5 · Affected Software 1

Vulnrichment
added 2023/02/12 8:31 p.m. · 6 views

CVE-2020-36661 Kong lua-multipart multipart.lua is_header redos

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

3.5 CVSS · 7.2 AI score · 0.0092 EPSS
Exploits 0 · References 5

Cvelist
added 2023/02/12 8:31 p.m. · 20 views

CVE-2020-36661 Kong lua-multipart multipart.lua is_header redos

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

3.5 CVSS · 7.6 AI score · 0.0092 EPSS
Exploits 0 · References 5

Positive Technologies
added 2023/02/12 12:0 a.m. · 7 views

PT-2023-11829 · Kong · Kong Lua-Multipart

Name of the Vulnerable Software and Affected Versions: Kong lua-multipart version 0.5.8-1
Description: A vulnerability was found in the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity.
Recommendations: For Kong lua-multipart...

7.5 CVSS · 4.5 AI score · 0.0092 EPSS
Exploits 0 · References 9

CNNVD
added 2023/02/12 12:0 a.m. · 7 views

lua-multipart security vulnerability

lua-multipart is a Lua library for parsing and editing multipart/form-data data. A security vulnerability exists in Kong lua-multipart version 0.5.8-1. An attacker has exploited the vulnerability to reduce regular expression complexity...

7.5 CVSS · 5.6 AI score · 0.0092 EPSS
Exploits 0 · References 7

Fedora
added 2023/01/26 1:23 a.m. · 35 views

[SECURITY] Fedora 37 Update: redis-7.0.8-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

5.5 CVSS · 6 AI score · 0.69355 EPSS
Exploits 0

OpenVAS
added 2023/01/26 12:0 a.m. · 24 views

Fedora: Security Advisory for redis (FEDORA-2023-fbfe7a6cfe)

The remote host is missing an update for the...

5.5 CVSS · 5.9 AI score · 0.69355 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2023/01/25 12:0 a.m. · 32 views

Rocky Linux 9 : redis (RLSA-2022:8096)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8096 advisory. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior ...

7.8 CVSS · 6.9 AI score · 0.02189 EPSS
Exploits 2 · References 6