366 matches found
RockyLinux 8 : redis:6 (RLSA-2025:19238)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19238 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...
RLSA-2025:21936 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
RLSA-2025:21916 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Redis: Redis: Authenticated users can execute LUA scripts as a different user
A code injection vulnerability in Redis Lua scripting where an authenticated user can craft a Lua script to manipulate objects and potentially execute code in another user’s context...
Redis: Redis Lua Use-After-Free may lead to remote code execution
A vulnerability found in Redis where a flaw in the Lua scripting engine can trigger a use-after-free condition. An authenticated attacker can exploit this by running a specially crafted Lua script, potentially resulting in remote code execution RCE within the Redis process...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
Important: Red Hat Security Advisory: valkey security update
An update for valkey is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Redis: Redis: Authenticated users can execute LUA scripts as a different user
A code injection vulnerability in Redis Lua scripting where an authenticated user can craft a Lua script to manipulate objects and potentially execute code in another user’s context...
ALSA-2025:21916 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
CVE-2025-12120
Lite XL versions 2.1.8 and prior automatically execute the .liteproject.lua file when opening a project directory, without prompting the user for confirmation. The .liteproject.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow...
Alibaba Cloud Linux 3 : 0165: redis:6 (ALINUX3-SA-2025:0165)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0165 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-46817: Redis is an open source,...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
Redis: Redis: Authenticated users can execute LUA scripts as a different user
A code injection vulnerability in Redis Lua scripting where an authenticated user can craft a Lua script to manipulate objects and potentially execute code in another user’s context...
Redis: Redis Lua Use-After-Free may lead to remote code execution
A vulnerability found in Redis where a flaw in the Lua scripting engine can trigger a use-after-free condition. An authenticated attacker can exploit this by running a specially crafted Lua script, potentially resulting in remote code execution RCE within the Redis process...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
Redis: Redis: Authenticated users can execute LUA scripts as a different user
A code injection vulnerability in Redis Lua scripting where an authenticated user can craft a Lua script to manipulate objects and potentially execute code in another user’s context...
valkey security update
An update is available for valkey. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Valkey is an advanced key-value store. It is often referred to as a data...
RLSA-2025:19675 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...