Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Amazon
Amazonadded 2026/03/05 12:0 a.m.3 views

Important: valkey

Issue Overview: Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other user...

8.5CVSS6.2AI score0.00415EPSS
Exploits0
OSV
OSVadded 2026/02/26 8:53 a.m.5 views

BIT-VALKEY-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS5.8AI score0.00415EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/23 7:39 p.m.24 views

CVE-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS0.00415EPSS
Exploits0References1
CVE
CVEadded 2026/02/23 7:39 p.m.25 views

CVE-2025-67733

Valkey is affected by a RESP protocol injection via Lua error_reply. Before versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user could inject information into the response stream through scripting commands, potentially corrupting or returning tampered data to other users on the same connect...

8.5CVSS5.6AI score0.00415EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/01/27 8:46 a.m.27 views

CVE-2026-24809 Save stack space while handling errors in praydog/REFramework

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

6.9CVSS0.00139EPSS
Exploits0References1
OSV
OSVadded 2022/07/01 12:15 p.m.4 views

AZL-41192 CVE-2022-33099 affecting package ntopng for versions less than 5.2.1-4

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

7.5CVSS6.8AI score0.02079EPSS
Exploits1References1
OSV
OSVadded 2022/07/01 12:15 p.m.3 views

AZL-10045 CVE-2022-33099 affecting package lua for versions less than 5.4.3-4

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

7.5CVSS6.8AI score0.02079EPSS
Exploits1References1
OSV
OSVadded 2015/04/13 2:59 p.m.5 views

CVE-2015-2939

Cross-site scripting XSS vulnerability in the Scribunto extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a function name, which is not properly handled in a Lua error backtrace...

5.4AI score
Exploits0References8
Rows per page
Query Builder