Lucene search
K

34 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-24735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior t...

7.8CVSS6.7AI score0.02189EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - redis: Redis SORTRO may bypass ACL configuration CVE-2023-41053 Note that Nessus has not tested for this issue but...

3.3CVSS6.9AI score0.0034EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.18 views

Amazon Linux 2 : redis (ALASREDIS6-2023-003)

The version of redis installed on the remote host is prior to 6.2.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-003 advisory. A flaw was found in the Redis database where Lua scripts can be manipulated to overcome ACL rules. This flaw allows an...

7.8CVSS6.5AI score0.02189EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.62 views

CBL Mariner 2.0 Security Update: redis (CVE-2022-24735)

The version of redis installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24735 advisory. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution...

7.8CVSS6.8AI score0.02189EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.5 views

SUSE CVE-2022-24735

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the potentially higher privileges of another Redis user. The Lua scri...

3.9CVSS8.1AI score0.02189EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.32 views

Rocky Linux 9 : redis (RLSA-2022:8096)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8096 advisory. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior ...

7.8CVSS6.9AI score0.02189EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.33 views

Rocky Linux 8 : redis:6 (RLSA-2022:7541)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7541 advisory. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior ...

7.8CVSS6.9AI score0.02189EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2022/11/22 12:0 a.m.21 views

Oracle Linux 9 : redis (ELSA-2022-8096)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8096 advisory. 6.2.7-1 - rebase to 6.2.7 2083151 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

7.8CVSS6.5AI score0.02189EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.36 views

AlmaLinux 9 : redis (ALSA-2022:8096)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8096 advisory. - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis...

7.8CVSS6.9AI score0.02189EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.43 views

Oracle Linux 8 : redis:6 (ELSA-2022-7541)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7541 advisory. 6.2.7-1 - rebase to 6.2.7 1999873 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

7.8CVSS6.5AI score0.02189EPSS
Exploits2References3
OSV
OSV
added 2022/11/15 6:15 a.m.27 views

RLSA-2022:8096 Low: redis security and bug fix update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

3.9CVSS6.9AI score0.02189EPSS
Exploits2References4
Rockylinux
Rockylinux
added 2022/11/15 6:15 a.m.62 views

redis security and bug fix update

An update is available for redis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

7.8CVSS7.3AI score0.02189EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.45 views

AlmaLinux 8 : redis:6 (ALSA-2022:7541)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7541 advisory. redis: Code injection via Lua script execution environment CVE-2022-24735 redis: Malformed Lua script can crash Redis CVE-2022-24736 Tenable has extracted...

7.8CVSS6.7AI score0.02189EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.34 views

CentOS 8 : redis:6 (CESA-2022:7541)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7541 advisory. - redis: Code injection via Lua script execution environment CVE-2022-24735 - redis: Malformed Lua script can crash Redis CVE-2022-24736 Note that Ness...

7.8CVSS6.7AI score0.02189EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2022/11/08 9:30 a.m.43 views

Low: Red Hat Security Advisory: redis:6 security, bug fix, and enhancement update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.8CVSS6.8AI score0.02189EPSS
Exploits2References5
OSV
OSV
added 2022/11/08 12:0 a.m.32 views

ALSA-2022:7541 Low: redis:6 security, bug fix, and enhancement update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.8CVSS7.1AI score0.02189EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2022/11/08 12:0 a.m.122 views

Low: redis:6 security, bug fix, and enhancement update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.8CVSS7.5AI score0.02189EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2022/11/08 12:0 a.m.37 views

RHEL 8 : redis:6 (RHSA-2022:7541)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7541 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets...

7.8CVSS7AI score0.02189EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2022/11/05 12:0 a.m.32 views

Amazon Linux 2022 : redis6, redis6-devel (ALAS2022-2022-199)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-199 advisory. A flaw was found in the Redis database where Lua scripts can be manipulated to overcome ACL rules. This flaw allows an attacker with access to Redis to inject Lua code that executes the...

7.8CVSS6.4AI score0.02189EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/30 1:55 p.m.42 views

Security Bulletin: Vulnerabilities in Redis affect IBM Event Streams (CVE-2022-24736, CVE-2022-24735)

Summary There are a number of vulnerabilities in Redis that is used by IBM Event Streams. Vulnerability Details CVEID:CVE-2022-24736 DESCRIPTION: Redis is vulnerable to a denial of service, caused by a NULL pointer dereference. By loading a specially crafted Lua script, a local authenticated...

7.8CVSS7.3AI score0.02189EPSS
Exploits2Affected Software1
Rows per page
Query Builder