CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3296 matches found

Cvelist•added 2020/08/17 4:6 p.m.•16 views

CVE-2020-24369

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference...

7.4AI score0.00573EPSS

Exploits1References2

CVE•added 2020/08/17 4:6 p.m.•65 views

CVE-2020-24369

CVE-2020-24369 affects Lua 5.4.0 where ldebug.c attempts to access debug information via the line hook of a stripped function, resulting in a NULL pointer dereference (potential crash). The issue is tied to Lua’s internal debug handling and is documented in BIT-LUA-2020-24369 and linked OpenSUSE/...

7.5CVSS7.3AI score0.00573EPSS

Exploits1References2Affected Software1

Cvelist•added 2020/08/17 4:6 p.m.•21 views

CVE-2020-24371

lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage...

5.4AI score0.0046EPSS

Exploits1References2

CVE•added 2020/08/17 4:6 p.m.•163 views

CVE-2020-24371

OpenSUSE/SUSE advisories confirm CVE-2020-24371 affects lua53 (Lua 5.3.x branch) in openSUSE Leap 15.3. Root cause: lgc.c mishandling the interaction between barriers and the sweep phase causes a memory access violation in collectgarbage. Upgrade Lua to version 5.3.6 as part of the openSUSE-SU-20...

5.3CVSS5.3AI score0.0046EPSS

Exploits1References2Affected Software1

Debian CVE•added 2020/08/17 4:6 p.m.•30 views

CVE-2020-24371

lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage...

5.3CVSS6AI score0.0046EPSS

Exploits1

CNVD•added 2020/08/17 12:0 a.m.•1 views

Lua Buffer Overflow Vulnerability

Lua is a lightweight, extensible open source scripting language from the Lua team. A buffer overflow vulnerability exists in luaOpushvfstring in Lua 5.4.0 and earlier versions, which originates when a networked system or product performs an operation in memory without properly validating the data...

7.8CVSS7.1AI score0.00307EPSS

Exploits1References1

Positive Technologies•added 2020/08/17 12:0 a.m.•1 views

PT-2020-15712 · Lua · Lua

Name of the Vulnerable Software and Affected Versions: Lua version 5.4.0 Description: The issue arises in the ldebug.c file of Lua 5.4.0, where it attempts to access debug information via the line hook of a stripped function. This results in a NULL pointer dereference. Recommendations: For Lua...

7.5CVSS7.4AI score0.00573EPSS

Exploits1References7

Debian CVE•added 2020/08/17 12:0 a.m.•33 views

CVE-2020-24370

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31...

5.3CVSS6AI score0.02019EPSS

Exploits1

Cvelist•added 2020/08/17 12:0 a.m.•24 views

CVE-2020-24370

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31...

5.7AI score0.02019EPSS

Exploits1References6

Positive Technologies•added 2020/08/17 12:0 a.m.•3 views

PT-2020-15713 · Lua +1 · Lua +1

Name of the Vulnerable Software and Affected Versions: Lua version 5.4.0 Description: The issue is related to the interaction between barriers and the sweep phase in the lgc.c component of Lua, leading to a memory access violation involving collectgarbage. Recommendations: For Lua version 5.4.0, ...

5.3CVSS5.3AI score0.02019EPSS

Exploits2References22

CVE•added 2020/08/17 12:0 a.m.•308 views

CVE-2020-24370

CVE-2020-24370 affects Lua via a negation overflow in ldebug.c, enabling a segmentation fault in getlocal and setlocal. Connected sources confirm this impacts Lua 5.4.0 and publicly documented mitigations include Lua 5.3 and Lua 5.4.x patches; advisories from Debian (DLA-2381-1 and DLA-3469-1) an...

5.3CVSS5.5AI score0.02019EPSS

Exploits1References6Affected Software1