Lucene search
K

71 matches found

EUVD
EUVD
added 2026/06/04 2:22 p.m.13 views

EUVD-2026-34283

Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:22 a.m.10 views

SUSE CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

7.5CVSS6.2AI score0.02995EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/05/05 4:50 p.m.32 views

CVE-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.7CVSS0.01331EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/05 4:44 p.m.3 views

CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

7.7CVSS6.2AI score0.02995EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005827)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005827 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...

9.9CVSS6AI score0.86767EPSS
Exploits14References4
EUVD
EUVD
added 2026/01/29 5:35 p.m.15 views

EUVD-2026-4963

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References3
OSV
OSV
added 2026/01/29 5:35 p.m.11 views

CVE-2026-24414 Icinga for Windows certificate can have too-open permissions

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-7974

Malware in sbrugna...

4CVSS7.8AI score0.01461EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-8249

Malware in sbrugna...

5CVSS6.1AI score0.02732EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3409

Malware in sbrugna...

7.5CVSS6.4AI score0.01359EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-2741

Malware in sbrugna...

5.9CVSS5.7AI score0.02681EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2010-4728

Malware in sbrugna...

6.5CVSS6.2AI score0.0157EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-0905

Malware in sbrugna...

3.5CVSS6.4AI score0.0125EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-19459

Malware in sbrugna...

7.5CVSS6AI score0.03636EPSS
Exploits0References26
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.6 views

PT-2025-33388 · Unknown · Pareto Digital Embedder For Google Reviews

Name of the Vulnerable Software and Affected Versions: PARETO Digital Embedder for Google Reviews versions n/a through 1.7.3 Description: A missing authorization flaw exists in PARETO Digital Embedder for Google Reviews. This issue allows access to functionality that is not properly constrained b...

5.3CVSS6.2AI score0.00209EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/07 3:22 p.m.10 views

CVE-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE

Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...

7CVSS0.03877EPSS
Exploits4References6
RedhatCVE
RedhatCVE
added 2025/05/22 1:20 a.m.12 views

CVE-2010-4763

The ACL-customer-status Ticket Type setting in Open Ticket Request System OTRS before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the 1 Status, 2 Service, and 3 Queue via selections...

6.5CVSS6.6AI score0.0157EPSS
Exploits1References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

Cisco IOS Access Control Error Vulnerability (CNVD-2025-15478)

Cisco IOS is the United States Cisco Cisco company's set of operating system developed for its network equipment. Cisco IOS suffers from an Access Control Error vulnerability that stems from a misconfiguration of access control lists, which can be exploited by an attacker to cause bypassing of AC...

4.7CVSS7AI score0.00228EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/03 7:21 p.m.20 views

Security Bulletin: IBM DataPower Gateway vulnerable to denial of service and remote code execution through use of Redis

Summary IBM DataPower Gateway uses Redis internally for gateway peering. Vulnerability Details CVEID:CVE-2024-46981 DESCRIPTION: Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and...

9.8CVSS7.5AI score0.07802EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/01/24 12:0 a.m.10 views

CBL Mariner 2.0 Security Update: redis / valkey (CVE-2024-46981)

The version of redis / valkey installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46981 advisory. - Redis is an open source, in-memory database that persists on disk. An authenticated user May use a...

9.8CVSS7.3AI score0.07802EPSS
Exploits2References2
Rows per page
Query Builder