Lucene search
K

780 matches found

Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.34 views

AlmaLinux 9 : redis (ALSA-2022:8096)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8096 advisory. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis...

7.8CVSS6.9AI score0.02189EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2022/11/15 10:21 a.m.32 views

Low: Red Hat Security Advisory: redis security and bug fix update

An update for redis is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS6.8AI score0.02189EPSS
Exploits2References5
Rockylinux
Rockylinux
added 2022/11/15 6:15 a.m.61 views

redis security and bug fix update

An update is available for redis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

7.8CVSS7.3AI score0.02189EPSS
Exploits2
OSV
OSV
added 2022/11/15 6:15 a.m.26 views

RLSA-2022:8096 Low: redis security and bug fix update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

3.9CVSS6.9AI score0.02189EPSS
Exploits2References4
AlmaLinux
AlmaLinux
added 2022/11/15 12:0 a.m.52 views

Low: redis security and bug fix update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.8CVSS7.3AI score0.02189EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.45 views

AlmaLinux 8 : redis:6 (ALSA-2022:7541)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7541 advisory. redis: Code injection via Lua script execution environment CVE-2022-24735 redis: Malformed Lua script can crash Redis CVE-2022-24736 Tenable has extracted...

7.8CVSS6.7AI score0.02189EPSS
Exploits2References3
Rockylinux
Rockylinux
added 2022/11/08 6:22 a.m.44 views

redis:6 security, bug fix, and enhancement update

An update is available for redis. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

7.8CVSS7.5AI score0.02189EPSS
Exploits2
OSV
OSV
added 2022/11/08 12:0 a.m.31 views

ALSA-2022:7541 Low: redis:6 security, bug fix, and enhancement update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.8CVSS7.1AI score0.02189EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2022/11/08 12:0 a.m.119 views

Low: redis:6 security, bug fix, and enhancement update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.8CVSS7.5AI score0.02189EPSS
Exploits2References6
CNVD
CNVD
added 2022/11/03 12:0 a.m.32 views

Apache Spark Injection Vulnerability

Apache Spark, a large-scale data processing engine from the Apache Foundation that supports acyclic data streaming and in-memory computing, is vulnerable to injection. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in a user's web browser...

3.2AI score0.01473EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/28 12:0 a.m.5 views

PT-2022-5284 · Drools +1 · Drools +1

Name of the Vulnerable Software and Affected Versions: Drools affected versions not specified Description: A flaw was found in Drools core where some utility classes did not use proper safeguards when deserializing data. This allows an authenticated attacker to construct malicious serialized...

9.8CVSS7.3AI score0.19653EPSS
Exploits3References105
Gentoo Linux
Gentoo Linux
added 2022/09/29 12:0 a.m.106 views

Redis: Multiple Vulnerabilities

Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...

9.8CVSS2.2AI score0.31049EPSS
Exploits3
Fedora
Fedora
added 2022/09/26 12:18 a.m.35 views

[SECURITY] Fedora 37 Update: redis-7.0.5-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.8CVSS0.7AI score0.02742EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/09/23 1:25 p.m.23 views

Researchers Uncover New Metador APT Targeting Telcos, ISPs, and Universities

A previously undocumented threat actor of unknown origin has been linked to attacks targeting telecom, internet service providers, and universities across multiple countries in the Middle East and Africa. "The operators are highly aware of operations security, managing carefully segmented...

0.4AI score
Exploits0
NVD
NVD
added 2022/09/23 4:15 a.m.17 views

CVE-2022-35951

Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an XAUTOCLAIM command on a stream key in a specific state, with a specially crafted COUNT argument may cause an integer overflow, a subsequent heap...

9.8CVSS0.02742EPSS
Exploits0References4
CVE
CVE
added 2022/09/23 12:0 a.m.143 views

CVE-2022-35951

Redis 7.0.0–7.0.4 are vulnerable to an integer overflow in the XAUTOCLAIM handling on a stream key with a crafted COUNT, which can cause a heap overflow and potentially remote code execution. The issue is fixed in Redis 7.0.5; upgrades to 7.0.5 or later are recommended. Affected versions and the ...

9.8CVSS8.5AI score0.02742EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.5 views

The vulnerability of the JMX data management platform of Apache Geode allows an attacker to execute arbitrary code.

The vulnerability of the JMX data management platform of Apache Geode involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.02282EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.4 views

The vulnerability of the JMX data management platform of Apache Geode allows an attacker to execute arbitrary code.

The vulnerability of the JMX data management platform of Apache Geode involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.01228EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2022/07/30 1:57 a.m.15 views

[SECURITY] Fedora 36 Update: golang-github-hashicorp-memdb-1.3.0-6.fc36

The Memdb package implements a simple in-memory database built on immutable radix trees. The database provides Atomicity, Consistency and Isolation from ACID. Being that it is in-memory, it does not provide durability. The database is instantiated with a schema that specifies the tables and indic...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/07/25 12:0 a.m.5 views

The vulnerability of the software responsible for creating, monitoring, and orchestrating data processing scripts in Airflow lies in its ability to restore unreliable data structures in memory, allowing an attacker to execute arbitrary code or cause service failures.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

10CVSS8.2AI score0.07225EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder