CVE-2020-15888 affecting package lua 5.3.5-9

CVE-2020-15888 affecting package lua 5.3.5-9. A patched version of the package is available...

CVE-2020-24342 affecting package lua 5.3.5-8

CVE-2020-24342 affecting package lua 5.3.5-8. A patched version of the package is available...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2020-2455)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode

A flaw was found in vim in the restricted mode, where all commands that make use of external shells are disabled. However, it was found that users could still execute some arbitrary OS commands in the restricted mode. This flaw was fixed by filtering the functions that can call OS commands...

EulerOS 2.0 SP2 : vim (EulerOS-SA-2020-2404)

According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces e.g., Python, Ruby, o...

[ASA-202010-5] lua: arbitrary code execution

Arch Linux Security Advisory ASA-202010-5 ========================================= Severity: High Date : 2020-10-18 CVE-ID : CVE-2020-15888 CVE-2020-15889 Package : lua Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1207 Summary ======= The package lua...

Fedora 32 : prosody (2020-a48bf86c27)

Prosody 0.11.7 ============== This is a security release for the 0.11.x stable branch. It is strongly recommended that all users upgrade to this release, especially those whose deployments have enabled modwebsocket. As well as upgrading, we recommend all public deployments to review and configure...

Fedora 31 : prosody (2020-1e1b527524)

Prosody 0.11.7 ============== This is a security release for the 0.11.x stable branch. It is strongly recommended that all users upgrade to this release, especially those whose deployments have enabled modwebsocket. As well as upgrading, we recommend all public deployments to review and configure...

Fedora: Security Advisory for prosody (FEDORA-2020-a48bf86c27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for prosody (FEDORA-2020-1e1b527524)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 31 Update: prosody-0.11.7-1.fc31

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

[SECURITY] Fedora 32 Update: prosody-0.11.7-1.fc32

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

CVE-2020-15889 affecting package lua 5.3.5-9

CVE-2020-15889 affecting package lua 5.3.5-9. A patched version of the package is available...

PoetRAT: Malware targeting public and private sector in Azerbaijan evolves

By Warren Mercer, Paul Rascagneres and Vitor Ventura. The Azerbaijan public sector and other important organizations are still targeted by new versions of PoetRAT.This actor leverages malicious Microsoft Word documents alleged to be from the Azerbaijan government.The attacker has moved from Pytho...

[SECURITY] Fedora 33 Update: prosody-0.11.7-1.fc33

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

Cisco IOS XE Software Arbitrary Code Execution (cisco-sa-ios-lua-rce-7VeJX4f)

According to its self-reported version, Cisco IOS XE Software is affected by an arbitrary code execution vulnerability in its Lua interpreter due to insufficient permission checks on Lua function calls. An authenticated, local attacker can exploit this to bypass authentication and execute arbitra...

EulerOS Virtualization for ARM 64 3.0.6.0 : vim (EulerOS-SA-2020-2001)

According to the version of the vim packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2020-2001)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for lua (FEDORA-2020-38e35de8aa)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: lua-5.4.0-7.fc33

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...