Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lua lua vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 up to and including 5.2.x prior to 5.2.3 allows context-dependent malicious users to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Lua Lua 5.1.3
Lua Lua 5.1.4
Lua Lua 5.1.2
Lua Lua 5.1.5
Lua Lua 5.1.1
Lua Lua 5.1
Lua Lua 5.2.1
Lua Lua 5.2.0
Lua Lua 5.2.2
Mageia Mageia 3.0
Mageia Mageia 4.0
1 Github repository
383
VMScore
CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows malicious users to perform Sandbox Escape via a crafted script file.
Lua Lua
187
VMScore
CVE-2020-15945
Lua up to and including 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.
Lua Lua
668
VMScore
CVE-2020-15889
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.
Lua Lua 5.4.0
445
VMScore
CVE-2020-24369
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.
Lua Lua 5.4.0
445
VMScore
CVE-2020-24371
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.
Lua Lua 5.4.0
NA
CVE-2021-45985
In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.
Lua Lua 5.4.3
605
VMScore
CVE-2020-15888
Lua up to and including 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
Lua Lua 5.4.0
383
VMScore
CVE-2021-43519
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows malicious users to perform a Denial of Service via a crafted script file.
Lua Lua
Fedoraproject Fedora 35
605
VMScore
CVE-2020-24342
Lua up to and including 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
Lua Lua 5.4.0
Fedoraproject Fedora 33
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »