UBUNTU-CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

MiracleLinux 8 : redis:6 (AXSA:2025-9575:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9575:01 advisory. redis: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands may lead to denial-of-service CVE-2023-22458 redis: Integer overflow in the...

MiracleLinux 9 : valkey-8.0.6-2.el9_7 (AXSA:2025-11535:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11535:02 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts...

RockyLinux 9 : redis (RLSA-2025:20926)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20926 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...

RLSA-2025:19345 Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

RHEL 9 : redis (RHSA-2025:20926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20926 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, set...

AlmaLinux 10 : valkey (ALSA-2025:19675)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19675 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...

Lua library commands may lead to integer overflow and potential RCE

...

EUVD-2024-29587

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-4540

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service DoS attack to be...

OPENSUSE-SU-2025:15401-1 liblua5_5-5-5.5.0~beta1-1.1 on GA media

These are all security issues fixed in the liblua55-5-5.5.0beta1-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

CVE-2025-26269

Summary: CVE-2025-26269 affects DragonflyDB Dragonfly up to version 1.28.2. Affected component: Lua library usage that can reference a large negative integer, enabling an authenticated user to trigger a denial of service (daemon crash). The issue is fixed in DragonflyDB 1.29.0. Impact (as stated)...

PT-2025-17221 · Unknown · Dragonflydb Dragonfly

Name of the Vulnerable Software and Affected Versions: DragonflyDB Dragonfly versions 1.28.2 and earlier Description: The issue allows authenticated users to cause a denial of service, resulting in a daemon crash, by utilizing a Lua library command that references a large negative integer...

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

redis security update

An update is available for redis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

RLSA-2025:0692 Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

RHEL 8 : redis:6 (RHSA-2025:0595)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0595 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets...