1558 matches found
Design/Logic Flaw
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
CVE-2021-32672 Vulnerability in Lua Debugger in Redis
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
CVE-2021-32672
Redis contains CVE-2021-32672, a vulnerability in the Redis Lua Debugger where the protocol parser can read data beyond the actual buffer when handling malformed requests. This affects Redis builds that include Lua debugging support (3.2+). The issue is mitigated by upgrading to patched releases:...
CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
Redis Labs Redis 缓冲区错误漏洞
Redis Labs Redis is an open source, network-enabled, memory-based, persistent logging, key-value Key-Value storage database written in ANSI C by Redis Labs, Inc. and provides APIs in multiple languages. A buffer error vulnerability exists in Redis, which allows a user to send an incorrect request...
redis -- multiple vulnerabilities
The Redis Team reports: CVE-2021-41099 Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured. CVE-2021-32762 Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on so...
PT-2021-7752 · Redis +5 · Redis +5
Name of the Vulnerable Software and Affected Versions: Redis versions 3.2 through 6.2.5 Redis versions 3.2 through 6.0.15 Redis versions 3.2 through 5.0.13 can be simplified to: Redis versions 3.2 through 6.2.5 Description: The issue affects Redis, an open source, in-memory database that persists...
[SECURITY] Fedora 33 Update: radare2-5.4.0-1.fc33
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
[SECURITY] Fedora 34 Update: radare2-5.4.0-1.fc34
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
[SECURITY] Fedora 35 Update: radare2-5.4.0-1.fc35
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
Ulfius Web Framework Remote Memory Corruption Exploit
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. !/usr/bin/python3 guul.p...
BeaconEye - Hunts Out CobaltStrike Beacons And Logs Operator Command Output
BeaconEye scans running processes for active CobaltStrike beacons. When processes are found to be running beacon, BeaconEye will monitor each process for C2 activity. How it works BeaconEye will scan live processes or MiniDump files for suspected CobaltStrike beacons. In live process mode,...
Unauthorized Access Vulnerability in Whistle Web Debugger
whistle is based on Node implementation of cross-platform web debugging agent . Whistle Web Debugger suffers from an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
[SECURITY] Fedora 34 Update: radare2-5.3.1-1.fc34
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
[SECURITY] Fedora 33 Update: radare2-5.3.1-1.fc33
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
SUSE: Security Advisory (SUSE-SU-2019:0395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
in mcfriend99/bird
✍️ Description Heap-based 1-byte write violation. Certain programs can cause the parser/syntax-checker to write out of bounds. The below program writes a single byte out of bounds. 🕵️♂️ Proof of Concept Program: var a = 'outer' def test var a = 'inner' echo 'It works! $a' echo a echo test test def...
HookDump - Security Product Hook Detection
EDR function hook dumping Please refer to the Zeroperil blog post for more information https://zeroperil.co.uk/hookdump/ Building source In order to build this you will need Visual Studio 2019 community edition is fine and CMake. The batch file Configure.bat will create two build directories with...