algernon 竞争条件问题漏洞

Algernon is a web server developed by Alexander F. Rødseth. Versions of Algernon prior to 1.17.6 contained a race condition vulnerability. This vulnerability stemmed from the sync.RWMutex used in engine/luahandler.go to protect LoadCommonFunctions, which was released before L.Push and L.PCall...

[SECURITY] Fedora 43 Update: prosody-13.0.5-1.fc43

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

CVE-2026-24818

Out-of-bounds Read vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05...

CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine.

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727...

CVE-2026-23742 Skipper arbitrary code execution through lua filters

Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline , for example through a Kubernetes Ingress resource. The...

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c.

...

LuaJIT 安全漏洞

LuaJIT is a LuaJIT open source on-the-fly compiler for the Lua language. A security vulnerability exists in LuaJIT 2.1 and earlier versions that stems from improper handling of IRFSTORE for NULL meta-tables, which could lead to a denial-of-service attack...

OESA-2025-1281 syslinux security update

The Syslinux Project covers lightweight bootloaders for MS-DOS FAT filesystems SYSLINUX, network booting PXELINUX, bootable "El Torito" CD-ROMs ISOLINUX, and Linux ext2/ext3/ext4 or btrfs filesystems EXTLINUX. The project also includes MEMDISK, a tool to boot legacy operating systems such as DOS...

OESA-2024-2169 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault...

UBUNTU-CVE-2023-4540

Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service DoS attack to be executed by sending a properly crafted request to the server. Such a request causes the program to enter an infinite loop. This issue...

AZL-26155 CVE-2021-45985 affecting package memcached for versions less than 1.6.13-3

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

Moderate: Red Hat Security Advisory: lua security update

An update for lua is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

OESA-2022-1860 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: Use after free in garbage collector and finalizer of lgc.c in Lua...

AZL-9048 CVE-2021-44964 affecting package lua for versions less than 5.4.4-1

Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...

Lua Heap Buffer Overflow Vulnerability

Lua is a lightweight, extensible open source scripting language from the Lua team. A buffer overflow vulnerability exists in Lua 5.4.0 and earlier versions, which stems from the program failing to properly check boundaries. A remote attacker can exploit the vulnerability with specially crafted...

Wing FTP Server 6.3.8 Remote Code Execution

Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...

Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)

Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...

RHAPIS - Network Intrusion Detection Systems Simulator

Network intrusion detection systems simulator. RHAPIS provides a simulation environment through which user is able to execute any IDS operation. Basic Usage Type HELP in the console in order to see the available commands. RHAPIS is written in Lua language. You need to have installed Lua in order ...

Hijacking NodeMCU Development Board-vulnerability warning-the black bar safety net

Long before the want to play the Board, The do nothing poor and can't afford it. Just the school issued a NodeMCU, although it is a cheap Board, play play is also good. This Board also let me play for several days, a start is to build a good car, in teacher to a Scratch on the play for a moment,...

Sandcat Browser 2.0 Released - Penetration Testing Oriented Browser

Sandcat Browser 2.0 Released, Penetration Testing Oriented Browser Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions. What is Sandcat Browser? The fastest web browser combined with the...