CVE-2020-9432

opensslx509checkhost in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

CVE-2020-9432

The CVE-2020-9432 issue affects lua-openssl, specifically the openssl_x509_check_host function in version 0.7.7-1. The root cause is that it mis-handles X.509 certificate validation by using lua_pushboolean for non-boolean return values, which can lead to incorrect validation results. Connected s...

CVE-2020-9433

CVE-2020-9433 affects lua-openssl 0.7.7-1, where openssl_x509_check_email mishandles X.509 certificate validation because it uses lua_pushboolean for non-boolean return values. This is the stated root cause; no explicit remediation is provided in the documents. Affected/related entries in the con...

CVE-2020-9433

opensslx509checkemail in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

CVE-2020-9434

opensslx509checkipasc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

CVE-2020-9434

The CVE-2020-9434 issue affects lua-openssl 0.7.7-1, where openssl_x509_check_ip_asc mishandles X.509 certificate validation by returning non-boolean values through lua_pushboolean. Root cause: a mismatch in return type handling during certificate validation, leading to incorrect validation resul...

DrSemu - Malware Detection And Classification Tool Based On Dynamic Behavior

Dr.Semu runs executables in an isolated environment, monitors the behavior of a process, and based on Dr.Semu rules created by you or the community, detects if the process is malicious or not. whoami:@qazqaz With Dr.Semu you can create rules to detect malware based on dynamic behavior of a proces...

CVE-2013-4863

The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows 1 remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or 2 remote authenticated users to execute arbitrary Lua code via a RunLua action in a request...

Design/Logic Flaw

The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows 1 remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or 2 remote authenticated users to execute arbitrary Lua code via a RunLua action in a request...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2019-1776)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2019-2382)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2019-2629)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2019-1978)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2019-2339)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : lua (EulerOS-SA-2019-2629)

According to the version of the lua package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service...

EulerOS 2.0 SP2 : lua (EulerOS-SA-2019-2382)

According to the version of the lua package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service...

The vulnerability of the Lua interpreter implemented in Cisco Adaptive Security Appliance (ASA) and Configure Firepower Threat Defense (FTD) hardware network devices allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the Lua interpreter implemented in Cisco Adaptive Security Appliance ASA and Configure Firepower Threat Defense FTD hardware-based network devices relates to the execution of operations beyond the buffer memory boundaries. Exploiting this vulnerability allows a malicious acto...

EulerOS Virtualization for ARM 64 3.0.3.0 : lua (EulerOS-SA-2019-2339)

According to the version of the lua packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Lua 5.3.5 has a use-after-free in luaupvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker wh...

Cisco Adaptive Security Appliance RCE (cisco-sa-20191112-asa-ftd-lua-rce)

A remote code execution vulnerability exists in the Lua interpreter of Cisco Adaptive Security Appliance ASA software due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. An authenticated, remote attacker can exploit this to bypass...

Cisco Firepower Threat Defense RCE (cisco-sa-20191112-asa-ftd-lua-rce)

A remote code execution vulnerability exists in the Lua interpreter of Cisco Firepower Threat Defense FTD software due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. An authenticated, remote attacker can exploit this to bypass...