33 matches found
CVE-2026-25589
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
BIT-REDIS-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
BIT-KEYDB-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
PT-2026-38471
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
UBUNTU-CVE-2026-25589
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
CVE-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
CVE-2026-25589
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
PT-2026-37093
Name of the Vulnerable Software and Affected Versions RedisBloom versions prior to 2.8.20 Description RedisBloom, a probabilistic data structures module for Redis, fails to properly validate serialized values processed via the 'RESTORE' command. An authenticated attacker with permissions to execu...
RedisBloom 安全漏洞
RedisBloom is an open-source library developed by RedisBloom. It adds a set of probabilistic data structures to Redis. Versions of RedisBloom prior to 2.8.20 contained a security vulnerability. This vulnerability stemmed from the module’s failure to properly validate serialized values processed v...
EUVD-2024-22475
Malicious code in bioql PyPI...
EUVD-2024-52837
Malicious code in bioql PyPI...
EUVD-2024-22476
Malicious code in bioql PyPI...
CVE-2024-25116
RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, authenticated users can use the CF.RESERVE command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in RedisBloom 2.4.7...
Exploit for CVE-2024-55656
CVE-2024-55656 - Redis Stack - RedisBloom Integer Overflow R...
CVE-2024-25115
RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, specially crafted CF.LOADCHUNK commands may be used by authenticated users to perform heap overflow, which may lead to remote code execution. The problem is fixed in...
CVE-2024-55656
RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker a redis client which knows the password to allocate memory in the heap lesser than the...
Redis Stack RedisBloom Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Redis Stack. Authentication is required to exploit this vulnerability. The specific flaw exists within the RedisBloom module. The issue results from the lack of proper validation of user-supplied dat...
CVE-2024-55656
RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker a redis client which knows the password to allocate memory in the heap lesser than the...
CVE-2024-55656
CVE-2024-55656 (RedisBloom Integer Overflow) affects RedisBloom module used with Redis. The vulnerability occurs in CMS.INITBYDIM when allocating memory for a Count-Min Sketch using user-supplied width/depth, allowing heap memory under-allocation, leading to out-of-bounds read (OOB read) and writ...
CVE-2024-55656 RedisBloom Integer Overflow Remote Code Execution Vulnerability
RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker a redis client which knows the password to allocate memory in the heap lesser than the...