29 matches found
EUVD-2024-47268
Malicious code in bioql PyPI...
TencentOS Server 4: redis (TSSA-2024:0037)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0037 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0014: redis:6 (ALINUX3-SA-2025:0014)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0014 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-24834: Redis is an in-memory...
RLSA-2025:0693 Important: redis security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
CVE-2024-6121
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service...
CVE-2024-6121 NI SystemLink Server Ships Out of Date Redis Version
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service...
RHEL 8 : redis (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - redis: Redis SORTRO may bypass ACL configuration CVE-2023-41053 Note that Nessus has not tested for this issue but...
openSUSE: Security Advisory for redis7 (SUSE-SU-2023:2925-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for redis (SUSE-SU-2023:2924-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6531-1: Redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...
CVE-2022-24834 affecting package redis for versions less than 6.2.13-2
CVE-2022-24834 affecting package redis for versions less than 6.2.13-2. An upgraded version of the package is available that resolves this issue...
Amazon Linux 2 : redis (ALASREDIS6-2023-002)
The version of redis installed on the remote host is prior to 6.2.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2REDIS6-2023-002 advisory. A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executin...
SUSE SLES15 Security Update : redis (SUSE-SU-2023:3407-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3407-1 advisory. - CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field. bsc1210548 - CVE-2022-24834: Fixed a heap...
SUSE: Security Advisory (SUSE-SU-2023:3407-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated redis packages fix security vulnerability
A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. CVE-2022-24834...
SUSE-SU-2023:3407-1 Security update for redis
This update for redis fixes the following issues: - CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field. bsc1210548 - CVE-2022-24834: Fixed a heap overflow in the cjson and cmsgpack libraries. bsc1213193...
Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-291)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-291 advisory. A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executing a specially crafted Lua script in Redis. This attack triggers a heap...
Exploit for Heap-based Buffer Overflow in Redis
Improvement of CVE-2022-24834 public exploit Author Convi...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:2924-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2924-1 advisory. - CVE-2022-24834: Fixed heap overflow in the cjson and cmsgpack libraries bsc1213193. Tenable has extracted the preceding...