160 matches found
ALPINE-CVE-2021-32627
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...
CVE-2021-41099
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
UBUNTU-CVE-2021-41099
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
Out of bounds write in reorder
swapindex takes an iterator and swaps the items with their corresponding indexes. It reserves capacity and sets the length of the vector based on the .len method of the iterator. If the len returned by the iterator is larger than the actual number of elements yielded, then swapindex creates a...
CVE-2021-38160
CVE-2021-38160 affects the Linux kernel “virtio_console” driver. In drivers/char/virtio_console.c, if an untrusted device supplies a buf->len value larger than the destination buffer, data corruption or loss can occur. The issue is fixed in Linux kernel 5.13.4 (ChangeLog-5.13.4). The vendor no...
Redis remote code execution vulnerability
Redis is an open source ANSI C, network-enabled, memory-based, and persistent logging, Key-Value storage database with a multilingual API. The vulnerability can be exploited to attack 32-bit Redis programs running on 32-bit systems by combining the BIT command with the proto-max-bulk-len...
ALPINE-CVE-2021-32761
Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...
DEBIAN-CVE-2021-32761
Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...
DEBIAN-CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...
Integer overflow
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...
CVE-2021-32625 Redis vulnerability in STRALGO LCS on 32-bit systems
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...
CVE-2021-32625
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...
PT-2021-7997
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the calculation of report length in the hid submit ctrl function, which does not account for the possibility of a zero-sized report. When a report of size 0 is...
Denial Of Service (DoS)
jackson-dataformat-cbor is vulnerable to denial of service DoS. The vulnerability exists through the eager allocation of byte buffer that causes an out of memory error when a large len value is processed in finishBytes...
CVE-2020-11834
In /SM8250QMaster/android/vendor/oppocharger/oppo/oppovooc.c, the function procfastchgfwupdatewrite in procfastchgfwupdatewrite does not check the parameter len, resulting in a vulnerability...
CVE-2020-11834
In /SM8250QMaster/android/vendor/oppocharger/oppo/oppovooc.c, the function procfastchgfwupdatewrite in procfastchgfwupdatewrite does not check the parameter len, resulting in a vulnerability...
CVE-2020-11833
In /SM8250QMaster/android/vendor/oppocharger/oppo/chargeric/oppomp2650.c, the function mp2650datalogwrite in mp2650datalogwrite does not check the parameter len which causes a vulnerability...
VK.com: Reflected XSS в /video
XSS в поиске по видеозаписям. xss в параметрах date, len, order при поиске видеозаписи с указанием параметров...