21 matches found

RedhatCVE
added 2025/05/22 6:37 p.m. | 6 views

CVE-2021-32586

An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests...

9.8 CVSS | 6.9 AI score | 0.01013 EPSS
Exploits: 0 | References: 1

Redos
added 2025/02/03 12:0 a.m. | 17 views

ROS-20250203-12

A vulnerability in the ldebug.c component of the Lua script interpreter involves an integer loss of significance. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3 CVSS | 7.3 AI score | 0.03865 EPSS
Exploits: 1

Redos
added 2025/02/03 12:0 a.m. | 155 views

ROS-20250203-11

A vulnerability in the lua_upvaluejoin function (lapi.c) of the Lua script interpreter is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability in the lua_resume (ldo.c) component of the Lua...

7.5 CVSS | 5.4 AI score | 0.17224 EPSS
Exploits: 7

CNNVD
added 2022/03/01 12:0 a.m. | 3 views

Fortinet FortiMail Input Validation Error Vulnerability

Fortinet FortiMail is a suite of email security gateway products from Fortinet, Inc. The product provides email security protection and data protection, among other features. An input validation error vulnerability exists in the FortiMail Web server CGI facility. An unauthenticated attacker could...

9.8 CVSS | 8.3 AI score | 0.01013 EPSS
Exploits: 0 | References: 4

BDU FSTEC
added 2020/06/22 12:0 a.m. | 4 views

The vulnerability of the TCL-script interpreter used by Cisco IOS and Cisco IOS XE operating systems allows a hacker to induce a service failure.

The vulnerability of the TCL-script interpreter for Cisco IOS and Cisco IOS XE operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

6 CVSS | 6.2 AI score | 0.00299 EPSS
Exploits: 0 | References: 3 | Affected Software: 2

Tenable Nessus
added 2019/01/03 12:0 a.m. | 11 views

Fedora 28 : glibc (2018-264d881a62)

This update contains various updates from the upstream glibc 2.27 release branch, including minor fixes for the realpath function and the i386 memmove implementation. Python helper scripts in the glibc-benchtests subpackage now use /usr/bin/python3 as the script interpreter (RHBZ#1577223). Starting...

5.5 AI score
Exploits: 0 | References: 1

CNVD
added 2018/02/23 12:0 a.m. | 4 views

eQ-3 AG HomeMatic CCU2 Remote Code Execution Vulnerability (CNVD-2018-05831)

The eQ-3 AG Homematic CCU2 is a central control unit for controlling smart home devices from the German company eQ-3. The TCL script interpreter is one of the script interpreters for the TCL language. A remote code execution vulnerability exists in the TCL script interpreter in eQ-3 AG Homematic CCU2...

10 CVSS | 8.3 AI score | 0.65266 EPSS
Exploits: 2 | References: 1

NVD
added 2018/02/22 7:29 p.m. | 27 views

CVE-2018-7297

Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface...

10 CVSS | 9.9 AI score | 0.65266 EPSS
Exploits: 2 | References: 2

Prion
added 2018/02/22 7:29 p.m. | 19 views

Design/Logic Flaw

Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface...

10 CVSS | 9.7 AI score | 0.65266 EPSS
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist
added 2018/02/22 7:0 p.m. | 26 views

CVE-2018-7297

Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface...

9.9 AI score | 0.65266 EPSS
Exploits: 2 | References: 2

CVE
added 2018/02/22 7:0 p.m. | 39 views

CVE-2018-7297

CVE-2018-7297 affects eQ-3 Homematic CCU2 (firmware 2.29.2 and earlier). The vulnerability exists in the TCL script interpreter, enabling remote code execution via unauthenticated access to the device’s web interface, allowing read/write access and command execution on the host. Reported via mult...

10 CVSS | 9.8 AI score | 0.65266 EPSS
Exploits: 2 | References: 2 | Affected Software: 1

exploitpack
added 2016/05/02 12:0 a.m. | 24 views

Acunetix WVS 10 - Remote Command Execution

Acunetix WVS 10 - Remote command execution SYSTEM privilege - Author: Daniele Linguaglossa. Overview: Acunetix WVS 10 1 is an enterprise web vulnerability scanner developed by Acunetix Inc. Two major flaws exist in the last version of...

0.5 AI score
Exploits: 0

Packet Storm
added 2016/05/02 12:0 a.m. | 63 views

Acunetix WVS 10 Remote Command Execution

Acunetix WVS 10 - Remote command execution SYSTEM privilege - Author: Daniele Linguaglossa. Overview: Acunetix WVS 10 1 is an enterprise web vulnerability scanner developed by Acunetix Inc. Two major flaws exist in the last version of Acunetix, these bugs allow a remote attacker, to...

0.5 AI score
Exploits: 0

BDU FSTEC
added 2015/04/28 12:0 a.m. | 6 views

The vulnerability of the function for working with vararg arguments in Lua script interpreters allows attackers to trigger a denial-of-service attack.

The vulnerability of the function for handling vararg arguments ldo.c in the Lua script interpreter arises from the operation being performed outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure by using...

5 CVSS | 5.6 AI score | 0.11572 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Exploit DB
added 2013/09/30 12:0 a.m. | 82 views

XAMPP 1.8.1 - 'lang.php?WriteIntoLocalDisk method' Local Write Access

INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel García Cárdenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...

4.3 CVSS | 6.5 AI score | 0.0521 EPSS
Exploits: 6

NVD
added 2013/09/19 10:28 a.m. | 18 views

CVE-2013-5154

The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass intended access restrictions via a crafted application...

4.3 CVSS | 5.5 AI score | 0.01374 EPSS
Exploits: 0 | References: 4

CVE
added 2013/09/19 10:0 a.m. | 48 views

CVE-2013-5154

The CVE-2013-5154 entry describes a sandbox bypass in Apple iOS prior to 7, where the Sandbox subsystem bases the sandboxing requirement for a #! script on the script interpreter rather than the script itself. This allowed crafted applications that used #! to run scripts to bypass intended access...

4.3 CVSS | 5.6 AI score | 0.01374 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2010/04/20 2:30 p.m. | 25 views

CVE-2009-4768

Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map. NOTE: some of these details are obtained from third party information...

9.3 CVSS | 7.5 AI score | 0.03368 EPSS
Exploits: 0 | References: 4

Prion
added 2010/04/20 2:30 p.m. | 13 views

Design/Logic Flaw

Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map. NOTE: some of these details are obtained from third party information...

9.3 CVSS | 8 AI score | 0.03368 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

CVE
added 2010/04/20 2:0 p.m. | 41 views

CVE-2009-4768

CVE-2009-4768 affects Blizzard Warcraft III: The Frozen Throne (versions 1.24b and earlier). The vulnerability resides in the JASS script interpreter, enabling a crafted custom map to trigger arbitrary code execution by user-assisted remote attackers. This is described as an unspecified vulnerabi...

9.3 CVSS | 7.7 AI score | 0.03368 EPSS
Exploits: 0 | References: 4 | Affected Software: 1