Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lua lua vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-0543
It exists, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Redis Redis -
1 Metasploit module
10 Github repositories
10
CVSSv2
CVE-2020-13151
Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with net...
Aerospike Aerospike Server
1 Github repository
10
CVSSv2
CVE-2013-5945
Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware prior to 1.08B44; DSR-150N with firmware prior to 1.05B64; DSR-250 and DSR-250N with firmware prior to 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware prior to 1.08B77 allow remote malici...
Dlink Dsr-150 Firmware
Dlink Dsr-150n Firmware
Dlink Dsr-250 Firmware
Dlink Dsr-250n Firmware
Dlink Dsr-500 Firmware
Dlink Dsr-500n Firmware
Dlink Dsr-1000 Firmware
Dlink Dsr-1000n Firmware
1 EDB exploit
10
CVSSv2
CVE-2018-4031
An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua s...
Getcujo Smart Firewall 7003
10
CVSSv2
CVE-2019-13598
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped.
Getvera Vera Edge Firmware 1.7.4452
10
CVSSv2
CVE-2015-4335
Redis prior to 2.8.21 and 3.x prior to 3.0.2 allows remote malicious users to execute arbitrary Lua bytecode via the eval command.
Redislabs Redis 3.0.0
Redislabs Redis 3.0.1
Redislabs Redis
Debian Debian Linux 8.0
Debian Debian Linux 9.0
10
CVSSv2
CVE-2010-2445
freeciv 2.2 prior to 2.2.1 and 2.3 prior to 2.3.0 allows malicious users to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) re...
Freeciv Freeciv 2.2.0
Freeciv Freeciv 2.3.0
9.3
CVSSv2
CVE-2011-3360
Untrusted search path vulnerability in Wireshark 1.4.x prior to 1.4.9 and 1.6.x prior to 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
Wireshark Wireshark 1.4.7
Wireshark Wireshark 1.4.2
Wireshark Wireshark 1.4.0
Wireshark Wireshark 1.4.5
Wireshark Wireshark 1.4.4
Wireshark Wireshark 1.4.6
Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.4.8
Wireshark Wireshark 1.6.0
Wireshark Wireshark 1.6.1
1 EDB exploit
9
CVSSv2
CVE-2022-28223
Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin.
Tekon Kio Firmware
Tekon Kio-1m Firmware
Tekon Kio-2mrs Firmware
Tekon Kio-2m Firmware
Tekon Kio-2ms Firmware
Tekon Kio-2md Firmware
Tekon Kio-8(4) Firmware
Tekon Kio-8(4)l Firmware
9
CVSSv2
CVE-2021-32762
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlyi...
Redis Redis
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »