Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 4: redis (TSSA-2024:0037)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0037 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS5.8AI score0.77422EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-25155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigge...

6.5CVSS5.8AI score0.00902EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.47 views

openSUSE: Security Advisory for redis7 (SUSE-SU-2023:2925-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.77422EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/12/06 12:0 a.m.128 views

Ubuntu: Security Advisory (USN-6531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.2AI score0.59706EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/12/05 4:35 p.m.502 views

USN-6531-1: Redis vulnerabilities

Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...

8.8CVSS7.5AI score0.59706EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.50 views

Amazon Linux 2 : redis (ALASREDIS6-2023-001)

The version of redis installed on the remote host is prior to 6.2.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2023-001 advisory. Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORTR...

6.5CVSS7AI score0.69355EPSS
Exploits0References10
CBLMariner
CBLMariner
added 2023/04/07 4:59 a.m.18 views

CVE-2023-25155 affecting package redis 6.2.9-1

CVE-2023-25155 affecting package redis 6.2.9-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS7.4AI score0.00902EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/04 9:12 a.m.38 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service due to Redis (CVE-2023-25155)

Summary A vulnerability in Redis affects IBM Event Streams. Vulnerability Details CVEID:CVE-2023-25155 DESCRIPTION: Redis is vulnerable to a denial of service, caused by an integer overflow. By sending a specially-crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD command, a remote authenticated...

6.5CVSS5.8AI score0.00902EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.41 views

CBL Mariner 2.0 Security Update: redis (CVE-2023-25155)

The version of redis installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25155 advisory. - Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted...

6.5CVSS7AI score0.00902EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2023:0693-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.6AI score0.59706EPSS
Exploits0References5
CBLMariner
CBLMariner
added 2023/03/24 11:57 p.m.18 views

CVE-2023-25155 affecting package redis for versions less than 6.2.11-1

CVE-2023-25155 affecting package redis for versions less than 6.2.11-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS6.8AI score0.00902EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/03/21 12:0 a.m.28 views

Redis < 6.0.18, 6.2.x < 6.2.11, 7.0.x < 7.0.9 Multiple Vulnerabilities

Redis is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if description...

6.5CVSS6.6AI score0.59706EPSS
Exploits0References5
Mageia
Mageia
added 2023/03/11 7:0 p.m.49 views

Updated redis packages fix security vulnerability

Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. CVE-2023-25155 String matching commands like SCAN or KEYS with a specially crafted pattern to trigger a...

6.5CVSS6AI score0.59706EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/11 12:0 a.m.36 views

SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:0694-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0694-1 advisory. - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. -...

6.5CVSS6.5AI score0.59706EPSS
Exploits0References8
OSV
OSV
added 2023/03/10 7:17 a.m.8 views

SUSE-SU-2023:0693-1 Security update for redis

This update for redis fixes the following issues: - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. - CVE-2023-25155: Fixed integer Overflow in RAND commands can lead to assertion bsc1208793...

6.5CVSS6.4AI score0.59706EPSS
Exploits0References5
OSV
OSV
added 2023/03/02 4:15 a.m.9 views

AZL-25354 CVE-2023-25155 affecting package redis for versions less than 6.2.11-1

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

6.5CVSS6.2AI score0.00902EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/02 3:1 a.m.24 views

CVE-2023-25155 Integer Overflow in several Redis commands can lead to denial of service.

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

5.5CVSS7AI score0.00902EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/03/02 3:1 a.m.10 views

CVE-2023-25155 Integer Overflow in several Redis commands can lead to denial of service.

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

5.5CVSS7.3AI score0.00902EPSS
Exploits0References5
CVE
CVE
added 2023/03/02 3:1 a.m.218 views

CVE-2023-25155

Redis is affected by CVE-2023-25155 via authenticated SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD usage, which can trigger an integer overflow and cause Redis to terminate due to an assertion. Patches are available in Redis 6.0.18, 6.2.11, and 7.0.9. Upgrading to these versions (or newer) is the adv...

6.5CVSS6.2AI score0.00902EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2023/03/02 3:1 a.m.52 views

CVE-2023-25155

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis...

6.5CVSS5.7AI score0.00902EPSS
Exploits0
Rows per page
Query Builder