CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3315 matches found

CVE•added 2020/04/21 12:6 p.m.•236 views

CVE-2020-11966

IQrouter vulnerable through version 3.3.1: the web-panel Lua function reset_password can be invoked remotely to arbitrarily change the root password. Affected: IQrouter firmware up to 3.3.1 (brand-new/unconfigured networks discussed in sources). Underlying issue: reset_password function exposes p...

9.8CVSS9.4AI score0.02992EPSS

In wildExploits3References4Affected Software1

CVE•added 2020/04/21 12:5 p.m.•247 views

CVE-2020-11964

IQrouter up to version 3.3.1 is affected by CVE-2020-11964 due to a vulnerability in the web-panel Lua function diag_set_password, which remote attackers can abuse to change the root password arbitrarily. Affected product: IQrouter firmware

7.5CVSS7.7AI score0.02247EPSS

In wildExploits3References4Affected Software1

Positive Technologies•added 2020/04/21 12:0 a.m.•3 views

PT-2020-12957 · Linux +2 · Linux +2

Name of the Vulnerable Software and Affected Versions: IQrouter versions 3.3.1 and earlier Description: The issue allows remote attackers to change the root password arbitrarily using the Lua function reset password in the web-panel. This can occur on a brand-new network that has not been...

9.8CVSS7AI score0.02992EPSS

Exploits3References7

Tenable Nessus•added 2020/04/16 12:0 a.m.•32 views

EulerOS Virtualization 3.0.2.2 : lua (EulerOS-SA-2020-1477)

According to the version of the lua package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a...

5CVSS5.6AI score0.11572EPSS

Exploits1References2

OpenVAS•added 2020/04/16 12:0 a.m.•18 views

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2020-1477)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.2AI score0.11572EPSS

Exploits1References2

CNVD•added 2020/04/13 12:0 a.m.•6 views

OpenResty Environment Issues Vulnerabilities

OpenResty is China's Ou Rui software development OpenResty company's a Web application server based on Nginx and Lua . An environment issue vulnerability exists in the ngxhttpluasubrequest.c file in OpenResty versions prior to 1.15.8.4. The vulnerability stems from an unreasonable environmental...

7.5CVSS6.9AI score0.02599EPSS

Exploits0

CNVD•added 2020/04/13 12:0 a.m.•4 views

Dungeon Crawl Stone Soup Code Issue Vulnerability

Dungeon Crawl Stone Soup is a single player video game. A security vulnerability exists in Dungeon Crawl Stone Soup versions prior to 0.25. The vulnerability can be exploited by a remote attacker to execute arbitrary code via a .crawlrc file with Lua bytecode...

9.8CVSS7.8AI score0.03923EPSS

Exploits0

OSV•added 2020/04/12 9:15 p.m.•0 views

UBUNTU-CVE-2020-11724

An issue was discovered in OpenResty before 1.15.8.4. ngxhttpluasubrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API...

7.5CVSS7.1AI score0.02599EPSS

Exploits0References5

OSV•added 2020/04/12 7:15 p.m.•20 views

CVE-2020-11722