
3296 matches found

Tenable Nessus
added 2019/11/21 12:00 a.m. | 39 views

openSUSE Security Update : slurm (openSUSE-2019-2536)

This update for slurm fixes the following issues. Security issue fixed: - CVE-2019-12838: Fixed a SQL injection bsc1140709. Non-security issue fixed: - Added X11-forwarding bsc1153245. - Moved srun from 'slurm' to 'slurm-node': srun is required on the nodes as well so sbatch will work...

CVSS 9.8 | AI score 7.7 | EPSS 0.02994
Exploits: 0 | References: 4

CNVD
added 2019/11/19 12:00 a.m. | 2 views

PHICOMM K2 Remote Code Execution Vulnerability

The PHICOMM K2 is a wireless router from the Chinese company PHICOMM. A remote code execution vulnerability exists in /usr/lib/lua/luci/controller/admin/autoupgrade.lua in PHICOMM K2 version V22.5.9.163, which can be exploited to execute arbitrary commands using shell metacharacters in the...

CVSS 9 | AI score 8.7 | EPSS 0.15936
Exploits: 1 | References: 1

NVD
added 2019/11/18 10:15 p.m. | 11 views

CVE-2019-19117

/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2PSG1218 V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter...

CVSS 9 | AI score 8.7 | EPSS 0.15936
Exploits: 1 | References: 1

Oracle linux
added 2019/11/14 12:00 a.m. | 32 views

lua security and bug fix update

5.3.4-11 - Fix use after free in lua_upvaluejoin 1670167...

CVSS 7.5 | AI score 1.1 | EPSS 0.00904
Exploits: 5

Cisco
added 2019/11/12 1:15 p.m. | 73 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating...

CVSS 7.2 | AI score 7.4 | EPSS 0.03769
Exploits: 0 | References: 1

Veracode
added 2019/11/06 12:21 a.m. | 28 views

Denial Of Service (DoS)

lua is vulnerable to denial of service (DoS). The vulnerability exists due to a use-after-free issue in lua_upvaluejoin in lapi.c...

CVSS 7.5 | AI score 2.6 | EPSS 0.00904
Exploits: 5 | References: 12 | Affected Software: 2

Positive Technologies
added 2019/11/06 12:00 a.m. | 4 views

PT-2019-3973 · Cisco +1 · Cisco Ftd +2

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the implementation of the Lua interpreter integrated in...

CVSS 9 | AI score 7.5 | EPSS 0.03769
Exploits: 0 | References: 9

Tenable Nessus
added 2019/11/06 12:00 a.m. | 49 views

RHEL 8 : lua (RHSA-2019:3706)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3706 advisory. The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently us...

CVSS 7.5 | AI score 6.7 | EPSS 0.00904
Exploits: 5 | References: 6

RedHat Linux
added 2019/11/05 10:29 p.m. | 5 views

lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service

Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships...

CVSS 7.5 | AI score 5.8 | EPSS 0.00904
Exploits: 5 | References: 4

RedHat Linux
added 2019/11/05 10:29 p.m. | 44 views

Moderate: Red Hat Security Advisory: lua security and bug fix update

An update for lua is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS 7.5 | AI score 6.7 | EPSS 0.00904
Exploits: 5 | References: 3

OSV
added 2019/11/05 8:53 p.m. | 28 views

ALSA-2019:3706 Moderate: lua security and bug fix update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service...

CVSS 7.5 | AI score 7.6 | EPSS 0.00904
Exploits: 5 | References: 1

AlmaLinux
added 2019/11/05 8:53 p.m. | 24 views

Moderate: lua security and bug fix update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service...

CVSS 7.5 | AI score 7.7 | EPSS 0.00904
Exploits: 5 | References: 1

Rockylinux
added 2019/11/05 8:53 p.m. | 31 views

lua security and bug fix update

An update is available for lua. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The lua packages provide support for Lua, a powerful light-weight programming...

CVSS 7.5 | AI score 1.6 | EPSS 0.00904
Exploits: 5

OSV
added 2019/11/05 8:53 p.m. | 29 views

RLSA-2019:3706 Moderate: lua security and bug fix update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service...

CVSS 7.5 | AI score 7.5 | EPSS 0.00904
Exploits: 5 | References: 2

NVD
added 2019/10/31 9:15 p.m. | 14 views

CVE-2018-4031

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without...

CVSS 10 | AI score 9.2 | EPSS 0.0041
Exploits: 1 | References: 1

Prion
added 2019/10/31 9:15 p.m. | 20 views

Cross site request forgery (csrf)

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without...

CVSS 10 | AI score 9.3 | EPSS 0.0041
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2019/10/31 8:29 p.m. | 21 views

CVE-2018-4031

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without...

CVSS 9 | AI score 9.5 | EPSS 0.0041
Exploits: 1 | References: 1

CVE
added 2019/10/31 8:29 p.m. | 104 views

CVE-2018-4031

CVE-2018-4031 affects CUJO Smart Firewall firmware 7003. The safe-browsing component abuses Lunatik (kernel Lua) by injecting unsanitized Host header data into a Lua statement, enabling arbitrary code execution in the kernel. Exploitation can occur via crafted HTTP/HTTPS requests containing a mal...

CVSS 10 | AI score 9.3 | EPSS 0.0041
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2019/10/31 8:15 p.m. | 12 views

CVE-2013-1951

A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 allows remote attackers to inject arbitrary web script or HTML via Lua function names...

CVSS 6.1 | AI score 5.9 | EPSS 0.0198
Exploits: 0 | References: 9

OSV
added 2019/10/31 8:15 p.m. | 2 views

DEBIAN-CVE-2013-1951

A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 allows remote attackers to inject arbitrary web script or HTML via Lua function names...

CVSS 6.1 | AI score 6.1 | EPSS 0.0198
Exploits: 0 | References: 1