Lucene search
K

160 matches found

OSV
OSV
added 2021/10/04 6:15 p.m.5 views

ALPINE-CVE-2021-32627

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

7.5CVSS8.3AI score0.03688EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/10/04 6:15 p.m.4 views

CVE-2021-41099

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...

7.5CVSS7AI score0.03422EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2021/10/04 6:15 p.m.4 views

UBUNTU-CVE-2021-41099

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...

7.5CVSS7AI score0.03422EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/08/25 8:54 p.m.35 views

Out of bounds write in reorder

swapindex takes an iterator and swaps the items with their corresponding indexes. It reserves capacity and sets the length of the vector based on the .len method of the iterator. If the len returned by the iterator is larger than the actual number of elements yielded, then swapindex creates a...

7.5CVSS7.2AI score0.009EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2021/08/07 3:31 a.m.403 views

CVE-2021-38160

CVE-2021-38160 affects the Linux kernel “virtio_console” driver. In drivers/char/virtio_console.c, if an untrusted device supplies a buf->len value larger than the destination buffer, data corruption or loss can occur. The issue is fixed in Linux kernel 5.13.4 (ChangeLog-5.13.4). The vendor no...

7.8CVSS7.8AI score0.00395EPSS
Exploits0References7Affected Software1
CNVD
CNVD
added 2021/07/22 12:0 a.m.30 views

Redis remote code execution vulnerability

Redis is an open source ANSI C, network-enabled, memory-based, and persistent logging, Key-Value storage database with a multilingual API. The vulnerability can be exploited to attack 32-bit Redis programs running on 32-bit systems by combining the BIT command with the proto-max-bulk-len...

7.5CVSS5.1AI score0.31049EPSS
Exploits0References1
OSV
OSV
added 2021/07/21 9:15 p.m.6 views

ALPINE-CVE-2021-32761

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...

7.5CVSS8.6AI score0.31049EPSS
Exploits0References1
OSV
OSV
added 2021/07/21 9:15 p.m.3 views

DEBIAN-CVE-2021-32761

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...

7.5CVSS7.4AI score0.31049EPSS
Exploits0References1
OSV
OSV
added 2021/06/02 8:15 p.m.2 views

DEBIAN-CVE-2021-32625

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...

8.8CVSS7.9AI score0.04207EPSS
Exploits0References1
OSV
OSV
added 2021/06/02 8:15 p.m.37 views

CVE-2021-32625

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...

8.8CVSS7.7AI score
Exploits0References5
Prion
Prion
added 2021/06/02 8:15 p.m.38 views

Integer overflow

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...

6.5CVSS8.9AI score0.04207EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2021/06/02 7:35 p.m.24 views

CVE-2021-32625 Redis vulnerability in STRALGO LCS on 32-bit systems

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...

7.5CVSS9.3AI score0.04207EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2021/06/02 7:35 p.m.46 views

CVE-2021-32625

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...

8.8CVSS8.3AI score0.04207EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/06/02 7:35 p.m.29 views

CVE-2021-32625

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This ...

8.8CVSS8.4AI score0.04207EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/05/05 12:0 a.m.7 views

PT-2021-7997

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the calculation of report length in the hid submit ctrl function, which does not account for the possibility of a zero-sized report. When a report of size 0 is...

8.4CVSS8.1AI score0.01549EPSS
Exploits0References522
Veracode
Veracode
added 2021/02/19 1:15 a.m.29 views

Denial Of Service (DoS)

jackson-dataformat-cbor is vulnerable to denial of service DoS. The vulnerability exists through the eager allocation of byte buffer that causes an out of memory error when a large len value is processed in finishBytes...

7.5CVSS2.7AI score0.03074EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2020/12/31 6:15 p.m.10 views

CVE-2020-11834

In /SM8250QMaster/android/vendor/oppocharger/oppo/oppovooc.c, the function procfastchgfwupdatewrite in procfastchgfwupdatewrite does not check the parameter len, resulting in a vulnerability...

5.5CVSS5.5AI score0.00324EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/12/31 5:59 p.m.20 views

CVE-2020-11834

In /SM8250QMaster/android/vendor/oppocharger/oppo/oppovooc.c, the function procfastchgfwupdatewrite in procfastchgfwupdatewrite does not check the parameter len, resulting in a vulnerability...

5.5AI score0.00324EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/12/31 5:59 p.m.22 views

CVE-2020-11833

In /SM8250QMaster/android/vendor/oppocharger/oppo/chargeric/oppomp2650.c, the function mp2650datalogwrite in mp2650datalogwrite does not check the parameter len which causes a vulnerability...

5.5AI score0.00324EPSS
Exploits1References1
Hacker One
Hacker One
added 2020/12/07 6:34 p.m.117 views

VK.com: Reflected XSS в /video

XSS в поиске по видеозаписям. xss в параметрах date, len, order при поиске видеозаписи с указанием параметров...

6.3AI score
Exploits0
Rows per page
Query Builder