114 matches found
CVE-2018-1000536
Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...
CVE-2018-1000536
Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...
Cross site scripting
Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...
CVE-2018-1000536
Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of th...
CVE-2018-12453
Type confusion in the xgroupCommand function in tstream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream...
CVE-2018-12453
Type confusion in the xgroupCommand function in tstream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream...
CVE-2018-12453
Type confusion in the xgroupCommand function in tstream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream...
Redis Server compromised by 'RedisWannaMine' Attack - Active Check
The remote Redis server is unprotected and has been compromised via the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2016-10639
CVE-2016-10639 affects the npm wrapper redis-srvr , which downloads binary resources over HTTP. The underlying issue is unencrypted HTTP downloads that allow a network-positioned attacker to intercept and swap the requested binary, potentially enabling remote code execution on the host running re...
Potential remote code execution in LUA context of the redis server via methods `yii\redis\ActiveRecord::findOne()` and `::findAll()`
More info at https://www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixes/...
Redis Server Detection
Binary data redisdetect.nbin...
Hanwha Techwin Smart Security Manager Cross-Site Request Forgery Vulnerability
Hanwha Techwin Smart Security Manager is the software management platform. Hanwha Techwin Smart Security Manager has a cross-site request forgery vulnerability in an installed Redis/Apache Felix Gogo server that can be exploited by an attacker to access a remote shell session...
HellRaiser - Vulnerability Scanner
Install Install ruby, bundler and rails. https://gorails.com/setup/ubuntu/16.04 Install redis-server and nmap. sudo apt-get update sudo apt-get install redis-server nmap Clone HellRaiser repository, change to hellraiser web app directory and run bundle install. git clone...
SRC-2016-0033 : Samsung Security Manager Redis Server Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Security Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...