CVE-2018-1999023

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

CVE-2018-1999023

CVE-2018-1999023 affects The Battle for Wesnoth Project versions 1.7.0 through 1.14.3. The vulnerability is a Code Injection flaw in the Lua scripting engine that can lead to code execution outside the sandbox. Exploitation vectors include loading specially-crafted saved games, networked games, r...

CVE-2018-1999023

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

CVE-2018-1999023

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

wesnoth -- Code Injection vulnerability

shadowm reports: A severe bug was found in the game client which could allow a malicious user to execute arbitrary code through the Lua engine by using specially-crafted code in add-ons, saves, replays, or networked games. This issue affects all platforms and all existing releases since Wesnoth...

Fedora 27 : knot-resolver (2018-50d055a5af)

Knot Resolver 2.4.0 2018-07-03 ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes 366 Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status !576 New features ------------ - TLS...

Updated redis packages fix security vulnerability

Multiple vulnerabilities were discovered in the Lua subsystem of Redis which could result in denial of service CVE-2018-11218, CVE-2018-11219...

MGASA-2018-0309 Updated redis packages fix security vulnerability

Multiple vulnerabilities were discovered in the Lua subsystem of Redis which could result in denial of service CVE-2018-11218, CVE-2018-11219...

Redis Lua Subsystem Numeric Error Vulnerability

Redis is the United States Redis Labs, Inc. sponsored by a set of open source using ANSI C written to support the network , can be based on the memory can also be a persistent log-type , key-value Key-Value storage database, and provides a variety of languages API. An integer overflow vulnerabili...

Redis Lua Subsystem Buffer Overflow Vulnerability

Redis is the United States Redis Labs, Inc. sponsored by a set of open source written in ANSI C, support for the network , memory-based can also be persistent log-type , key-value Key-Value storage database , and provides a variety of languages API. Lua subsystem is one of the subsystems that...

Security Bulletin: Vulnerabilities in redis affect PowerKVM (CVE-2015-4335, CVE-2013-7458)

Summary PowerKVM is affected by vulnerabilities in redis. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2015-4335 DESCRIPTION: Redis could allow a remote attacker to bypass security restrictions, caused by the insecure loading of Lua bytcode by the loadstring...

CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

UBUNTU-CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

CVE-2018-11219

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

DEBIAN-CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

UBUNTU-CVE-2018-11219

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

CVE-2018-11219

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

Integer overflow

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

ALPINE-CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...