CVE-2026-24820

CVE-2026-24820 is described across multiple sources as an Out-of-bounds Read vulnerability in turanszkij WickedEngine, specifically linked to WickedEngine/LUA modules and a code segment in ldebug.C. Affected software is WickedEngine prior to version 0.71.705. The connected documents do not provid...

CVE-2026-24820

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

CVE-2026-24820 A stack overflow vulnerability in turanszkij/WickedEngine

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

CVE-2026-24820 A stack overflow vulnerability in turanszkij/WickedEngine

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

CVE-2026-24818

Out-of-bounds Read vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05...

CVE-2026-24817 A potential heap-buffer overflow in praydog/UEVR

Out-of-bounds Write vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05...

CVE-2026-24817 A potential heap-buffer overflow in praydog/UEVR

Out-of-bounds Write vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05...

PT-2026-4892

Out-of-bounds Write vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05...

PT-2026-4896

Name of the Vulnerable Software and Affected Versions turanszkij WickedEngine versions through 0.71.727 Description An out-of-bounds read issue exists in turanszkij WickedEngine, specifically within the LUA modules and associated file lparser.C. The issue is a heap-based buffer over-read that can...

PT-2026-4895

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

PT-2026-4893

Out-of-bounds Read vulnerability in praydog UEVR dependencies/lua/src modules. This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05...

CVE-2025-56108

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...

PT-2025-50677

Name of the Vulnerable Software and Affected Versions Ruijie X30-PRO version X30-PRO-V1 09241521 Description An OS Command Injection issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521. Attackers can execute arbitrary commands by sending a specially crafted POST request to the pwdmodify...

CVE-2025-56113

CVE-2025-56113 affects Ruijie RG-YST EST and YSTAP 3.0(1)B11P280YST250F, with the vulnerable component being the pwdmodify function in /usr/lib/lua/luci/modules/common.lua. The root cause is an OS Command Injection vulnerability triggered by a crafted POST request to pwdmodify, allowing an attack...

CVE-2025-56099

CVE-2025-56099 affects Ruijie RG-YST AP with firmware 3.0(1)B11P280YST250F. The issue is an OS Command Injection in the pwdmodify handler located at /usr/lib/lua/luci/modules/common.lua, triggered by a crafted POST request. The vulnerability allows an attacker to execute arbitrary commands with l...

CVE-2025-52939

Out-of-bounds Write vulnerability in dail8859 NotepadNext src/lua/src modules. This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects NotepadNext: through v0.11...

PT-2025-26589 · Unknown · Notepadnext

Name of the Vulnerable Software and Affected Versions: NotepadNext versions through v0.11 Description: The issue is an Out-of-bounds Write vulnerability in dail8859 NotepadNext, affecting the src/lua/src modules, specifically program files ldebug.C and lvm.C. Recommendations: For NotepadNext...

Fedora 28 : knot-resolver (2018-c894f896fd)

Knot Resolver 2.4.0 2018-07-03 ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes 366 Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status !576 New features ------------ - TLS...

Fedora 27 : knot-resolver (2018-50d055a5af)

Knot Resolver 2.4.0 2018-07-03 ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes 366 Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status !576 New features ------------ - TLS...

Snack Attack: Analyzing Flame's Replication Pattern

The Flame malware uses several methods to replicate itself. The most interesting one is the use of the Microsoft Windows Update service. This is implemented in Flame’s “SNACK”, “MUNCH” and “GADGET” modules. Being parts of Flame, these modules are easily reconfigurable. The behavior of these modul...