71 matches found
EUVD-2026-34283
Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...
SUSE CVE-2026-25243
Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...
CVE-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
CVE-2026-25243
Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005827)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005827 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...
EUVD-2026-4963
The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...
CVE-2026-24414 Icinga for Windows certificate can have too-open permissions
The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...
EUVD-2014-7974
Malware in sbrugna...
EUVD-2014-8249
Malware in sbrugna...
EUVD-2014-3409
Malware in sbrugna...
EUVD-2017-2741
Malware in sbrugna...
EUVD-2010-4728
Malware in sbrugna...
EUVD-2014-0905
Malware in sbrugna...
EUVD-2021-19459
Malware in sbrugna...
PT-2025-33388 · Unknown · Pareto Digital Embedder For Google Reviews
Name of the Vulnerable Software and Affected Versions: PARETO Digital Embedder for Google Reviews versions n/a through 1.7.3 Description: A missing authorization flaw exists in PARETO Digital Embedder for Google Reviews. This issue allows access to functionality that is not properly constrained b...
CVE-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...
CVE-2010-4763
The ACL-customer-status Ticket Type setting in Open Ticket Request System OTRS before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the 1 Status, 2 Service, and 3 Queue via selections...
Cisco IOS Access Control Error Vulnerability (CNVD-2025-15478)
Cisco IOS is the United States Cisco Cisco company's set of operating system developed for its network equipment. Cisco IOS suffers from an Access Control Error vulnerability that stems from a misconfiguration of access control lists, which can be exploited by an attacker to cause bypassing of AC...
Security Bulletin: IBM DataPower Gateway vulnerable to denial of service and remote code execution through use of Redis
Summary IBM DataPower Gateway uses Redis internally for gateway peering. Vulnerability Details CVEID:CVE-2024-46981 DESCRIPTION: Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and...
CBL Mariner 2.0 Security Update: redis / valkey (CVE-2024-46981)
The version of redis / valkey installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46981 advisory. - Redis is an open source, in-memory database that persists on disk. An authenticated user May use a...