Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2026/06/15 10:18 a.m.10 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References6
SUSE Linux
SUSE Linux
added 2026/05/27 2:21 p.m.25 views

Security update for redis

This update for redis fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.02995EPSS
Exploits4References12
SUSE Linux
SUSE Linux
added 2026/05/18 7:51 a.m.9 views

Security update for valkey

This update for valkey fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.02995EPSS
Exploits4References12
OSV
OSV
added 2026/05/18 7:51 a.m.5 views

SUSE-SU-2026:1950-1 Security update for valkey

This update for valkey fixes the following issues - CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. - CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. -...

8.8CVSS6.4AI score0.02995EPSS
Exploits4References7
SUSE Linux
SUSE Linux
added 2026/05/18 7:51 a.m.9 views

Security update for valkey

This update for valkey fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.02995EPSS
Exploits4References12
OSV
OSV
added 2026/05/07 11:51 a.m.7 views

BIT-VALKEY-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References3
OSV
OSV
added 2026/05/07 8:53 a.m.5 views

BIT-REDIS-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References3
OSV
OSV
added 2026/05/07 8:42 a.m.7 views

BIT-KEYDB-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References3
NVD
NVD
added 2026/05/05 5:17 p.m.6 views

CVE-2026-23479

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS0.01286EPSS
Exploits4References10
OSV
OSV
added 2018/07/23 8:29 p.m.4 views

DEBIAN-CVE-2016-10728

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection...

5.3CVSS5.2AI score0.02091EPSS
Exploits1References1
OSV
OSV
added 2018/07/23 8:29 p.m.3 views

UBUNTU-CVE-2016-10728

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection...

5.3CVSS6AI score0.02091EPSS
Exploits1References5
Rows per page
Query Builder