redis: Lua library commands may lead to integer overflow and potential RCE

An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...

redis: Lua library commands may lead to integer overflow and potential RCE

An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...

Security Bulletin: Multiple vulnerabilities in IBM Aspera High-Speed Transfer Server, IBM Aspera High-Speed Transfer Endpoint and IBM Aspera Desktop Client.

Summary Multiple vulnerabilities were addressed in IBM Aspera High-Speed Transfer Server v4.4.7, IBM Aspera High-Speed Transfer Endpoint v4.4.7 and IBM Aspera Desktop Client v4.4.7. Vulnerability Details CVEID:CVE-2025-46818 DESCRIPTION: Redis is an open source, in-memory database that persists o...

TencentOS Server 4: redis (TSSA-2025:0758)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0758 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Redis: Redis Lua Use-After-Free may lead to remote code execution

A vulnerability found in Redis where a flaw in the Lua scripting engine can trigger a use-after-free condition. An authenticated attacker can exploit this by running a specially crafted Lua script, potentially resulting in remote code execution RCE within the Redis process...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis5 (UTSA-2025-988577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988577 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...

OESA-2025-2453 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a...

OESA-2025-2452 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a...

OESA-2025-2451 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a...

OESA-2025-2450 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a...

Ubuntu: Security Advisory (USN-7824-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BIT-VALKEY-2025-49844 Redis Lua Use-After-Free may lead to remote code execution

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all...

BIT-REDIS-2025-49844 Redis Lua Use-After-Free may lead to remote code execution

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all...

BIT-KEYDB-2025-49844 Redis Lua Use-After-Free may lead to remote code execution

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all...

Amazon Linux 2 : redis, --advisory ALAS2REDIS6-2025-015 (ALASREDIS6-2025-015)

The version of redis installed on the remote host is prior to 6.2.20-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2025-015 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated use...

Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2025-1222)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1222 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and...

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-1221)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1221 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and...

Exploit for Use After Free in Redis

🚨 CVE-2025-49844 RediShell - Complete Guide ⚠️ Just for...

Important: redis

Issue Overview: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with...

Important: valkey

Issue Overview: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with...