BIT-REDIS-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...
BIT-KEYDB-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...
Unity Linux 20.1070e Security Update: redis (UTSA-2025-911908)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-911908 advisory. Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: redis (UTSA-2025-799388)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-799388 advisory. Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially...
redis security update
An update is available for redis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Redis is an advanced key-value store. It is often referred to as a data-structu...
RLSA-2025:12008 Important: redis:7 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
RLSA-2025:11453 Important: redis security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
RockyLinux 9 : redis:7 (RLSA-2025:12008)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:12008 advisory. redis: Redis Stack Buffer Overflow CVE-2025-27151 redis: Redis Unauthenticated Denial of Service CVE-2025-48367 redis: Redis Hyperloglog Out-of-Bounds...
EUVD-2025-20233
Malicious code in bioql PyPI...
RLSA-2025:11401 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Security update for redis
This update for redis fixes the following issues: CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands that can lead to remote code execution. bsc1246059 CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol errors that can lead to client starvation and Do...
SUSE-SU-2025:03073-1 Security update for redis
This update for redis fixes the following issues: - CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands that can lead to remote code execution. bsc1246059 - CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol errors that can lead to client starvation an...
ROS-20250904-12
A vulnerability in the Redis database management system (DBMS) is related to uncontrolled memory allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Redis database management system DBMS server is related ...
ROS-20250904-11
A vulnerability in the Redis database management system DBMS server is related to an integer overflow in the buffer when executing commands that use the HyperLogLog algorithm. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted HLL...
TencentOS Server 4: redis (TSSA-2025:0529)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0529 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: redis:6 (TSSA-2025:0697)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0697 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2025-32023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a speciall...
redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability
A flaw was found in Redis. This flaw allows an authenticated user to trigger an integer overflow by sending a specially crafted string, resulting in a stack or heap out-of-bounds write during hyperloglog operations. This issue potentially results in remote code execution...
CLSA-2025-1754339372 redis: Fix of CVE-2025-32023
CVE-2025-32023: fix stack/heap out of bounds write on hyperloglog operations...
redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability
A flaw was found in Redis. This flaw allows an authenticated user to trigger an integer overflow by sending a specially crafted string, resulting in a stack or heap out-of-bounds write during hyperloglog operations. This issue potentially results in remote code execution...