Lucene search
K

24 matches found

OSV
OSV
added 2021/10/04 6:15 p.m.4 views

UBUNTU-CVE-2021-32675

Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to user-specified values which determine the number of elements in the multi-bulk header and size of each element in the bulk header. ...

7.5CVSS6.7AI score0.1578EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/10/04 12:0 a.m.6 views

PT-2021-4338 · Redis +9 · Redis +9

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 5.0.14 Redis versions prior to 6.0.16 Redis versions prior to 6.2.6 Description: The issue is related to errors in processing Redis Standard Protocol RESP requests, which can cause the server to allocate a significant...

9CVSS6.6AI score0.31049EPSS
Exploits3References143
Gitee
Gitee
added 2020/07/26 7:53 a.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Artifex Gsview

PoC exploit for Redis RCE CVE-2017-14947 targeting Redis 4.x/5.x. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the redis-rce.py script. Notable dependencies/tooling include six and argparse. The execution context is a Python script invoked from the...

7.8CVSS8.6AI score0.01233EPSS
Exploits3
CVE
CVE
added 2017/10/24 6:0 p.m.100 views

CVE-2016-10517

CVE-2016-10517 describes a Cross Protocol Scripting vulnerability in Redis prior to 3.2.7. The issue arises in networking.c where Redis does not validate HTTP-like elements (POST and Host:) in data that can arrive on the Redis TCP port, allowing an HTTP-style request to be misinterpreted as a Red...

7.4CVSS7.2AI score0.02147EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder