CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3322 matches found

Vulnrichment•added 2022/09/06 12:0 a.m.•7 views

CVE-2022-36044 Rizin Out-of-bounds Write vulnerability in Lua binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on t...

7.8CVSS7.8AI score0.0036EPSS

Exploits0References5

Tenable Nessus•added 2022/09/06 12:0 a.m.•42 views

Amazon Linux 2022 : redis6, redis6-devel (ALAS2022-2022-115)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-115 advisory. A flaw was found in the Redis database where Lua scripts can be manipulated to overcome ACL rules. This flaw allows an attacker with access to Redis to inject Lua code that executes the...

7.8CVSS6.4AI score0.02189EPSS

Exploits2References5

GithubExploit•added 2022/09/01 4:44 p.m.•596 views

Exploit for Missing Authorization in Redis

CVE-2022-0543 Fully featured exploit for Redis RCE through Lua...

10CVSS10AI score0.9967EPSS

Exploits8

OSV•added 2022/08/26 11:4 a.m.•2 views

OESA-2022-1860 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: Use after free in garbage collector and finalizer of lgc.c in Lua...

6.3CVSS6.7AI score0.00985EPSS

Exploits1References2

OSV•added 2022/08/26 11:4 a.m.•7 views

OESA-2022-1866 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

5.3CVSS6.9AI score0.01702EPSS

Exploits0References2

OPENSUSE Linux•added 2022/08/24 12:0 a.m.•48 views

Security update for freeciv (important)

openSUSE Security Update: Security update for freeciv Announcement ID: openSUSE-SU-2022:10096-1 Rating: important References: 1202548 Cross-References: CVE-2022-6083 Affected Products: openSUSE Backports SLE-15-SP3 An update that fixes one vulnerability is now available. Description: This update...

5.7AI score

Exploits0References1

The Hacker News•added 2022/08/22 2:28 p.m.•56 views

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The malware, which Doctor Web first came across in July 2022, were discovered in the system partiti...

1.2AI score

Exploits0

Tenable Nessus•added 2022/08/17 12:0 a.m.•53 views

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-2270)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to...

9.1CVSS7.7AI score0.90407EPSS

Exploits1References6

OSV•added 2022/08/15 7:15 p.m.•2 views

DEBIAN-CVE-2022-35978

Minetest is a free open-source voxel game engine with easy modding and game creation. In single player, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua environment the menu runs i...

10CVSS8.4AI score0.02195EPSS

Exploits0References1

NVD•added 2022/08/15 7:15 p.m.•36 views

CVE-2022-35978

10CVSS0.02195EPSS

Exploits0References3

UbuntuCve•added 2022/08/15 7:15 p.m.•26 views

CVE-2022-35978

10CVSS7.2AI score0.02195EPSS

Exploits0References4

AlpineLinux•added 2022/08/15 7:15 p.m.•36 views

CVE-2022-35978

10CVSS1.3AI score0.02195EPSS

Exploits0

OSV•added 2022/08/15 7:15 p.m.•2 views

UBUNTU-CVE-2022-35978

10CVSS5.8AI score0.02195EPSS

Exploits0References5

Prion•added 2022/08/15 7:15 p.m.•14 views

Design/Logic Flaw

7.5CVSS9.3AI score0.02195EPSS

Exploits0References3Affected Software1

EUVD•added 2022/08/15 7:5 p.m.•3 views

EUVD-2022-38805

10CVSS9.3AI score0.02195EPSS

Exploits0References5

Debian CVE•added 2022/08/15 7:5 p.m.•23 views

CVE-2022-35978

10CVSS9.4AI score0.02195EPSS

Exploits0

Cvelist•added 2022/08/15 7:5 p.m.•32 views

CVE-2022-35978 Lua sandbox escape from mod in Minetest

7.7CVSS9.6AI score0.02195EPSS

Exploits0References3

CVE•added 2022/08/15 7:5 p.m.•71 views

CVE-2022-35978

CVE-2022-35978 (Minetest) affects Minetest prior to patched releases. In single-player mode, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is loaded as soon as the game session ends, and the Lua environment for the menu is not sandboxed, a...

10CVSS8.5AI score0.02195EPSS

Exploits0References3Affected Software1

OSV•added 2022/08/15 7:5 p.m.•21 views

CVE-2022-35978 Lua sandbox escape from mod in Minetest

7.7CVSS8.8AI score0.02195EPSS

Exploits0References5

Vulnrichment•added 2022/08/15 7:5 p.m.•7 views

CVE-2022-35978 Lua sandbox escape from mod in Minetest

7.7CVSS9.4AI score0.02195EPSS

Exploits0References3

Rows per page