CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2025/10/29 9:45 a.m.•4 views

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.9CVSS8.2AI score0.11111EPSS

Exploits14References5

RedHat Linux•added 2025/10/29 9:45 a.m.•1 views

Redis: Redis Lua Use-After-Free may lead to remote code execution

A vulnerability found in Redis where a flaw in the Lua scripting engine can trigger a use-after-free condition. An authenticated attacker can exploit this by running a specially crafted Lua script, potentially resulting in remote code execution RCE within the Redis process...

9.9CVSS7.9AI score0.11111EPSS

Exploits13References8

RedHat Linux•added 2025/10/29 9:45 a.m.•1 views

Redis: Redis is vulnerable to DoS via specially crafted LUA scripts

A vulnerability was found in Redis where an authenticated user to run a crafted Lua script that can read out‑of‑bounds memory or crash the server, leading to information disclosure and denial of service...

7.1CVSS7.3AI score0.07828EPSS

RedHat Linux•added 2025/10/29 9:38 a.m.•2 views

Redis: Redis is vulnerable to DoS via specially crafted LUA scripts

7.1CVSS7.3AI score0.07828EPSS

RedHat Linux•added 2025/10/29 9:38 a.m.•1 views

redis: Lua library commands may lead to integer overflow and potential RCE

An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...

8.8CVSS8AI score0.10506EPSS

Exploits1References7

RedHat Linux•added 2025/10/29 9:38 a.m.•1 views

Redis: Redis: Authenticated users can execute LUA scripts as a different user

A code injection vulnerability in Redis Lua scripting where an authenticated user can craft a Lua script to manipulate objects and potentially execute code in another user’s context...

7.3CVSS7.5AI score0.03236EPSS

RedHat Linux•added 2025/10/29 9:38 a.m.•12 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.9CVSS8.2AI score0.11111EPSS

Exploits14References5

Tenable Nessus•added 2025/10/29 12:0 a.m.•4 views

RHEL 9 : redis (RHSA-2025:19237)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19237 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, set...

9.9CVSS9.3AI score0.11111EPSS

OSV•added 2025/10/29 12:0 a.m.•5 views

ALSA-2025:19238 Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.9CVSS8.4AI score0.11111EPSS

OSV•added 2025/10/29 12:0 a.m.•3 views

ALSA-2025:19237 Important: redis security update

AlmaLinux•added 2025/10/29 12:0 a.m.•3 views

Important: redis security update

AlmaLinux•added 2025/10/29 12:0 a.m.•3 views

Important: redis:6 security update

Information Security Automation•added 2025/10/28 7:52 p.m.•7 views

About Remote Code Execution – Redis “RediShell” (CVE-2025-49844) vulnerability

About Remote Code Execution - Redis "RediShell" CVE-2025-49844 vulnerability. Redis is a popular in-memory key–value database, used as a distributed cache and message broker, with optional durability. This vulnerability allows a remote authenticated attacker to execute arbitrary code via a...

OpenVAS•added 2025/10/28 12:0 a.m.•2 views

Exploits13

Fedora: Security Advisory (FEDORA-2025-0db06733a2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00074EPSS

Exploits0References3

Fedora•added 2025/10/25 9:17 p.m.•6 views

[SECURITY] Fedora 43 Update: valkey-8.1.4-2.fc43

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.9CVSS7.1AI score0.11111EPSS

Exploits14

Tenable Nessus•added 2025/10/25 12:0 a.m.•1 views

Fedora 43 : valkey (2025-fd6619a49f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-fd6619a49f advisory. Valkey 8.1.4 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible. Security fixes CVE-2025-4984...