CVE-2024-39828

R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modified saved-game file. This was fixed in a hotfix to 1.9.5 on 2024-06-29...

CVE-2024-39828

CVE-2024-39828 affects R74n Sandboxels versions 1.9 through 1.9.5, enabling cross-site scripting via a message in a manipulated saved-game file. Red Hat and NVD entries concur; the issue was fixed in a hotfix to version 1.9.5 released on 2024-06-29. The Red Hat/CVE notes and related enrichments r...

PT-2024-28686 · Unknown · R74N Sandboxels

Name of the Vulnerable Software and Affected Versions: R74n Sandboxels versions 1.9 through 1.9.5 Description: The issue allows for XSS via a message in a modified saved-game file. This was fixed in a hotfix to 1.9.5 on 2024-06-29. Recommendations: For versions 1.9 through 1.9.5, apply the hotfix...

DEBIAN-CVE-2020-14938

An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow...

CVE-2020-14939

An issue was discovered in savestructinternal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...

CVE-2020-14939

An issue was discovered in savestructinternal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...

CVE-2020-14938

An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow...

CVE-2020-14939

An issue was discovered in savestructinternal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading...

[SECURITY] [DLA 297-1] wesnoth-1.8 security update

Package : wesnoth-1.8 Version : 1:1.8.5-1+deb6u2 CVE ID : CVE-2015-5069 CVE-2015-5070 Wesnoth implements a text preprocessing language that is used in conjunction with its own game scripting language. It also has a built-in Lua interpreter and API. Both the Lua API and the preprocessor make use o...

wesnoth: information leakage

Wesnoth implements a text preprocessing language that is used in conjunction with its own game scripting language. It also has a built-in Lua interpreter and API. Both the Lua API and the preprocessor make use of the same function filesystem::getwmllocation to resolve file paths so that only...

Spider Solitaire PoC

No description provided by source. ?php / Spider Solitaire Windows XP SP2 Local Crash PoC By SirGod www.insecurity.ro www.twitter.com/SirGod Loading a corrupt save filespider.sav will result in a local crash of Spider Solitaire / $username="pwn"; //Replace with your computer username...