Lucene search
K

114 matches found

NVD
NVD
added 2018/06/26 4:29 p.m.22 views

CVE-2018-1000536

Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...

6.1CVSS6.4AI score0.0125EPSS
Exploits1References1
OSV
OSV
added 2018/06/26 4:29 p.m.18 views

CVE-2018-1000536

Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...

6.1CVSS6.4AI score
Exploits0References1
Prion
Prion
added 2018/06/26 4:29 p.m.11 views

Cross site scripting

Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...

4.3CVSS6.4AI score0.0125EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.20 views

CVE-2018-1000536

Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...

6.4AI score0.0125EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2018/06/19 2:48 p.m.36 views

CVE-2018-12453

Type confusion in the xgroupCommand function in tstream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream...

7.5CVSS5.5AI score0.24182EPSS
Exploits5References2
NVD
NVD
added 2018/06/16 5:29 p.m.17 views

CVE-2018-12453

Type confusion in the xgroupCommand function in tstream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream...

7.5CVSS7.5AI score0.24182EPSS
Exploits5References3
Debian CVE
Debian CVE
added 2018/06/16 5:0 p.m.21 views

CVE-2018-12453

Type confusion in the xgroupCommand function in tstream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream...

7.5CVSS7.6AI score0.24182EPSS
Exploits5
OpenVAS
OpenVAS
added 2018/06/05 12:0 a.m.435 views

Redis Server compromised by 'RedisWannaMine' Attack - Active Check

The remote Redis server is unprotected and has been compromised via the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.1AI score
Exploits0References2
CVE
CVE
added 2018/06/04 4:0 p.m.48 views

CVE-2016-10639

CVE-2016-10639 affects the npm wrapper redis-srvr , which downloads binary resources over HTTP. The underlying issue is unencrypted HTTP downloads that allow a network-positioned attacker to intercept and swap the requested binary, potentially enabling remote code execution on the host running re...

9.3CVSS8.3AI score0.01752EPSS
Exploits0References1Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/03/20 2:0 p.m.28 views

Potential remote code execution in LUA context of the redis server via methods `yii\redis\ActiveRecord::findOne()` and `::findAll()`

More info at https://www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixes/...

9.8CVSS7.2AI score0.01588EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/06/06 12:0 a.m.13 views

Redis Server Detection

Binary data redisdetect.nbin...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2017/02/13 12:0 a.m.4 views

Hanwha Techwin Smart Security Manager Cross-Site Request Forgery Vulnerability

Hanwha Techwin Smart Security Manager is the software management platform. Hanwha Techwin Smart Security Manager has a cross-site request forgery vulnerability in an installed Redis/Apache Felix Gogo server that can be exploited by an attacker to access a remote shell session...

7.5CVSS7AI score0.01303EPSS
Exploits0References1
Kitploit
Kitploit
added 2016/08/01 10:10 p.m.23 views

HellRaiser - Vulnerability Scanner

Install Install ruby, bundler and rails. https://gorails.com/setup/ubuntu/16.04 Install redis-server and nmap. sudo apt-get update sudo apt-get install redis-server nmap Clone HellRaiser repository, change to hellraiser web app directory and run bundle install. git clone...

7.3AI score
Exploits0References1
Source Incite
Source Incite
added 2016/07/25 12:0 a.m.19 views

SRC-2016-0033 : Samsung Security Manager Redis Server Injection Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Security Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...

7.5AI score
Exploits0
Rows per page
Query Builder