Lucene search
K

360 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk.Authenticated users who execute specially crafted SETRANGE and SORTRO commands can trigger an integer overflow, causing Redis to attempt to allocate an impossible amount of memory and result in a Memory Out of Control OOM panic. This issue...

5.5CVSS5.9AI score0.33269EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. Redis does not correctly identify keys accessed using SORTRO. As a result, it may grant users who execute this command access to keys that are not explicitly authorized by the ACL configuration. This issue exists in Redis 7.0 or later...

3.3CVSS6.3AI score0.0034EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. In affected versions of Redis, a integer overflow bug in the 32-bit Redis version 4.0 or newer can be exploited to corrupt the heap and potentially lead to remote code execution. Redis 4.0 or newer uses a configurable limit f...

8.8CVSS7.2AI score0.047EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. Prior to versions 6.2.7 and 7.0.0, an attacker who attempted to load a specially crafted Lua script could cause a NULL pointer dereference, resulting in a crash of the redis-server process. This issue was fixed in Redis versions 7.0.0 and...

5.5CVSS6.3AI score0.01498EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. A user with sufficient privileges can create a malformed ACL selector, which, when accessed, triggers a server panic and subsequent denial of service. This issue has been fixed in Redis 7.2.7 and 7.4.2...

4.4CVSS6.2AI score0.00299EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. Upon startup, Redis begins listening on Unix sockets before adjusting its permissions to the configuration provided by the user. If a permissive umask value is used, this can create a race condition that allows another process to establis...

3.6CVSS6.6AI score0.00444EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/15 6:49 p.m.11 views

CVE-2026-23479

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS5.9AI score0.01286EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.11 views

TencentOS Server 4: redis (TSSA-2026:0218)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0218 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.3CVSS5.7AI score0.01023EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.25 views

PT-2026-39715

Name of the Vulnerable Software and Affected Versions Inbox Zero versions prior to 2.29.3 Description The cleaner email stream endpoint used a shared Redis subscription listener. This configuration could result in thread events for one authenticated account being delivered to another authenticate...

4.3CVSS5.8AI score0.00228EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-23631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica...

8.8CVSS5.8AI score0.01782EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-23479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from...

8.8CVSS7.6AI score0.01286EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2026/05/05 4:44 p.m.6 views

CVE-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

7.7CVSS6.2AI score0.02995EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:26 p.m.7 views

Security Bulletin: Vulnerability in Redis affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Redis has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

5.9CVSS6.5AI score0.01309EPSS
Exploits1Affected Software2
GithubExploit
GithubExploit
added 2026/04/06 8:3 a.m.152 views

Exploit for Use After Free in Redis

CVE-2025-49844 RediShell AI-made Revshell PoC Untested comple...

9.9CVSS6.4AI score0.86767EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.3 views

Ubuntu 24.04 LTS : Redis vulnerability (USN-8120-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8120-1 advisory. Seunghyun Lee discovered that Redis incorrectly handled memory during hyperloglog operations. An attacker could use this issue to cause a denial of service, or...

7.8CVSS6.1AI score0.03877EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006184 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited grow...

7.5CVSS7.3AI score0.00843EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006170)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006170 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to caus...

8.8CVSS7.6AI score0.03692EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006176)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006176 advisory. Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially...

7.8CVSS7.7AI score0.03877EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005345)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005345 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read...

7.1CVSS7.4AI score0.01023EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005343 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...

7.3CVSS5.4AI score0.00701EPSS
Exploits0References4
Rows per page
Query Builder