CVE-2022-0543
It was discovered that redis, a persistent key-value database, is prone to a Debian-specific Lua sandbox escape due to a packaging issue, which could result in remote code execution...
The vulnerability of the Controller.class.php file on the high-performance PHP Workman server platform allows attackers to execute cross-site scripting attacks against Redis database management systems.
The vulnerability of the Controller.class.php file on the high-performance PHP Workman socket service platform is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
MGASA-2021-0562 Updated hiredis packages fix security vulnerability
Updated hiredis packages fix security vulnerability: It was discovered that there was an integer-overflow vulnerability in hiredis, a C client library for communicating with Redis databases. This occurred within the handling and parsing of 'multi-bulk' replies CVE-2021-32765...
openSUSE 15 Security Update : hiredis (openSUSE-SU-2021:1536-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1536-1 advisory. - Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnerable to integer overflow if provided...
The vulnerability of the Lua interpreter in the Redis database management system allows attackers to execute arbitrary code.
The vulnerability of the Lua interpreter in the Redis database management system is related to the possibility of a buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Debian DLA-2783-1 : hiredis - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2783 advisory. - Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnerable to integer overflow if provided maliciously crafted or...
CVE-2021-32765
Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnerable to integer overflow if provided maliciously crafted or corrupted RESP multi-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if count * sizeof(redisReply*)...
Redis Labs Redis Input Validation Error Vulnerability
Redis Labs Redis is an open source, network-enabled, memory-based, persistent, log-type key-value storage database written in ANSI C, with a multi-language API, from Redis Labs. An input validation error vulnerability exists in Redis that could lead to a denial of service or remote code...
Design/Logic Flaw
GigaVUE-OS GVOS 5.4 - 5.9 stores a Redis database password in plaintext...
[SECURITY] Fedora 30 Update: hiredis-0.13.3-13.fc30
Hiredis is a minimalistic C client library for the Redis database...
The vulnerability of the HyperLogLog algorithm in the Redis in-memory NoSQL database management system is that an operation can go beyond the bounds of a buffer in memory. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.
The vulnerability of the HyperLogLog algorithm in the Redis in-memory NoSQL database management system stems from a flaw in the HyperLogLog data structure when the SETRANGE command is executed. This command allows the addition of up to 12 bytes of information beyond the stack limit. Exploiting...
The vulnerability of the Redis database management system allows a hacker to execute arbitrary Lua bytecode.
The vulnerability of the deps/lua/src/ldo.c component of the Redis database management system is related to incorrect data type conversion. Exploiting this vulnerability allows a malicious actor to execute any Lua bytecode using a specially crafted eval command...
Redis EVAL Lua Sandbox Security Bypass Vulnerability
Redis is an open source, memory-based key-value pair storage database system. Redis has a security vulnerability that allows a remote attacker to bypass certain security restrictions by submitting a special eval command to execute arbitrary Lua byteco...