Lucene search
K

10 matches found

Redos
Redos
added 2023/07/06 12:0 a.m.19 views

ROS-2-1313

2.1313 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2021-0373)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.4AI score0.31049EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/01/24 12:0 a.m.39 views

GLSA-202107-20 : Redis: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202107-20 Redis: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

8.8CVSS7.5AI score0.04028EPSS
Exploits0References3
Redos
Redos
added 2021/09/08 12:0 a.m.21 views

ROS-2-467

2.467 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
Mageia
Mageia
added 2021/07/25 2:45 p.m.109 views

Updated redis package fixes security vulnerabilities

An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution CVE-2021-29477. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially...

8.8CVSS5.9AI score0.31049EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:1652-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.047EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/04 4:38 p.m.28 views

Security Bulletin: Redis vulnerabilites impacting Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0 and earlier (CVE-2021-29477, CVE-2021-29478)

Summary The Redis vulnerabilities CVE-2021-29477 and CVE-2021-29478 impacts Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0.0 and earlier. The fix is delivered in Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.1.0. Vulnerability Details...

8.8CVSS2.2AI score0.04028EPSS
Exploits0Affected Software2
UbuntuCve
UbuntuCve
added 2021/05/04 4:15 p.m.38 views

CVE-2021-29478

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and earlier are not directly...

8.8CVSS7.4AI score0.03628EPSS
Exploits0References5
CVE
CVE
added 2021/05/04 4:0 p.m.221 views

CVE-2021-29478

CVE-2021-29478 is an integer overflow in Redis 6.2 before 6.2.3 (and related COPY intsets) that could allow remote code execution when an attacker uses large intsets. IBM advisories cite affected IBM Robotic Process Automation for Cloud Pak versions (21.0.1–21.0.7.5 and 23.0.0–23.0.6) with remedi...

8.8CVSS7.7AI score0.03628EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2021/05/04 4:0 p.m.37 views

CVE-2021-29478

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and earlier are not directly...

8.8CVSS8.9AI score0.03628EPSS
Exploits0
Rows per page
Query Builder