CVE-2020-0224

In FastKeyAccumulator::GetKeysSlow of keys.cc, there is a possible out of bounds write due to type confusion. This could lead to remote code execution when processing a proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Couchbase Server Security Vulnerability

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server 7.2.2 and earlier versions, which originates from a user with data...

SUSE CVE-2023-36824

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

ALPINE-CVE-2023-36824

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

DEBIAN-CVE-2023-36824

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

CVE-2023-36824 Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

FreeBSD : redis -- heap overflow in COMMAND GETKEYS and ACL evaluation (6fae2d6c-1f38-11ee-a475-080027f5fec9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6fae2d6c-1f38-11ee-a475-080027f5fec9 advisory. - Redis core team reports: Extracting key names from a command and a list of arguments may, in some...

redis -- heap overflow in COMMAND GETKEYS and ACL evaluation

Redis core team reports: Extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Specifically: using COMMAND GETKEYS and validation of key names in ACL...

OSX Capture Userspace Keylogger

Logs all keyboard events except cmd-keys and GUI password input. Keylogs are transferred between client/server in chunks every SYNCWAIT seconds for reliability. Works by calling the Carbon GetKeys hook using the DL lib in OSX's system Ruby. The Ruby code is executed in a shell command using -e, s...