229 matches found
CVE-2025-56089
OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...
CVE-2025-56077
CVE-2025-56077 describes an OS Command Injection in Ruijie RG-RAP2200(E) 247 2200. A crafted POST request to the module_set in /usr/local/lua/dev_sta/nbr_cwmp.lua can allow arbitrary commands execution. CVSSv3.1 base score 8.8 (Network, Privileges Required: Low, User Interaction: None, Scope: Unc...
Ruijie RG-BCR 安全漏洞
Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which originates from an unvalidated input to the actionservice function in the file /usr/lib/lua/luci/controller/admin/service.lua, which could lead to an ...
CVE-2025-56130
OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleupdate in file /usr/local/lua/devconfig/acesw.lua...
RockyLinux 9 : redis (RLSA-2025:20926)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20926 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...
Redis: Redis is vulnerable to DoS via specially crafted LUA scripts
A vulnerability was found in Redis where an authenticated user to run a crafted Lua script that can read out‑of‑bounds memory or crash the server, leading to information disclosure and denial of service...
RHEL 9 : redis (RHSA-2025:20926)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20926 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, set...
ALSA-2025:20926 Important: redis security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
Redis: Redis is vulnerable to DoS via specially crafted LUA scripts
A vulnerability was found in Redis where an authenticated user to run a crafted Lua script that can read out‑of‑bounds memory or crash the server, leading to information disclosure and denial of service...
About Remote Code Execution – Redis “RediShell” (CVE-2025-49844) vulnerability
About Remote Code Execution - Redis "RediShell" CVE-2025-49844 vulnerability. Redis is a popular in-memory key–value database, used as a distributed cache and message broker, with optional durability. This vulnerability allows a remote authenticated attacker to execute arbitrary code via a...
EUVD-2021-19457
Malware in sbrugna...
EUVD-2023-31004
Malicious code in bioql PyPI...
EUVD-2025-23818
Malicious code in bioql PyPI...
EUVD-2022-29583
Malicious code in bioql PyPI...
EUVD-2022-38052
Malicious code in bioql PyPI...
EUVD-2022-33743
Malicious code in bioql PyPI...
EUVD-2023-27651
Malicious code in bioql PyPI...
CVE-2025-46819
CVE-2025-46819 affects Redis (versions 8.2.1 and earlier) where an authenticated user can craft a Lua script that reads out-of-bound data or crashes the server, enabling denial of service. The issue is part of a set of Lua-related vulnerabilities (also CVE-2025-46817/46818; and related CVE-2025-4...
CVE-2025-46819
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua...
CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions o...