Lucene search
K

97 matches found

SUSE Linux
SUSE Linux
added 2026/05/27 2:21 p.m.28 views

Security update for redis

This update for redis fixes the following issue CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialized payload may lead to remote code execution bsc1264166. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

7.7CVSS6.4AI score0.02995EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:21 p.m.5 views

SUSE-SU-2026:2098-1 Security update for redis

This update for redis fixes the following issue - CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialized payload may lead to remote code execution bsc1264166...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/05/27 2:20 p.m.11 views

Security update for redis7

This update for redis7 fixes the following issues CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialized payload may lead to remot...

7.7CVSS6.5AI score0.02995EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2026-1748)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1748 advisory. Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing ...

8.8CVSS6.1AI score0.02995EPSS
Exploits4References8
RedhatCVE
RedhatCVE
added 2026/05/21 1:55 p.m.10 views

CVE-2026-25243

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References5
OSV
OSV
added 2026/05/18 10:1 a.m.4 views

OPENSUSE-SU-2026:20776-1 Security update for valkey

This update for valkey fixes the following issues - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. - CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788. - CVE-2026-23479: use-after-free in unblock client...

8.8CVSS6.4AI score0.02995EPSS
Exploits4References10
OSV
OSV
added 2026/05/18 9:59 a.m.22 views

SUSE-SU-2026:21814-1 Security update for valkey

This update for valkey fixes the following issues - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts bsc1258746. - CVE-2026-21863: denial of service via invalid clusterbus packet bsc1258788. - CVE-2026-23479: use-after-free in unblock client...

8.8CVSS6.5AI score0.02995EPSS
Exploits4References11
SUSE Linux
SUSE Linux
added 2026/05/18 7:51 a.m.9 views

Security update for valkey

This update for valkey fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.02995EPSS
Exploits4References12
OSV
OSV
added 2026/05/18 7:51 a.m.5 views

SUSE-SU-2026:1950-1 Security update for valkey

This update for valkey fixes the following issues - CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. - CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. -...

8.8CVSS6.4AI score0.02995EPSS
Exploits4References7
SUSE Linux
SUSE Linux
added 2026/05/18 7:51 a.m.9 views

Security update for valkey

This update for valkey fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.02995EPSS
Exploits4References12
OSV
OSV
added 2026/05/18 7:51 a.m.4 views

SUSE-SU-2026:1949-1 Security update for valkey

This update for valkey fixes the following issues - CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. - CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. -...

8.8CVSS6.4AI score0.02995EPSS
Exploits4References7
OSV
OSV
added 2026/05/07 11:52 a.m.8 views

BIT-VALKEY-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 11:51 a.m.5 views

BIT-REDIS-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 11:43 a.m.3 views

BIT-KEYDB-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 8:53 a.m.5 views

BIT-REDIS-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6.2AI score0.01331EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 8:53 a.m.8 views

BIT-REDIS-2026-25588 RedisTimeSeries RESTORE invalid memory access may allow remote code execution

RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6.2AI score0.01029EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 8:42 a.m.3 views

BIT-KEYDB-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6.2AI score0.01331EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 8:42 a.m.6 views

BIT-KEYDB-2026-25588 RedisTimeSeries RESTORE invalid memory access may allow remote code execution

RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6.2AI score0.01029EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:22 a.m.10 views

SUSE CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

7.5CVSS6.2AI score0.02995EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2026/05/07 2:22 a.m.7 views

SUSE CVE-2026-25588

RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

7.5CVSS6.2AI score0.01029EPSS
Exploits0References3
Rows per page
Query Builder