35 matches found
Astra Linux – Vulnerability in hiredis
Hiredis is a minimalistic C client library for the Redis database. In affected versions, Hiredis can be vulnerable to integer overflow if maliciously crafted or corrupted RESP mult-bulk protocol data is provided. When parsing mult-bulk array-like replies, Hiredis fails to check whether count...
Unity Linux 20.1060e / 20.1070e Security Update: hiredis (UTSA-2026-016624)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016624 advisory. Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or...
EUVD-2025-22464
Malicious code in bioql PyPI...
BIT-VALKEY-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
BIT-REDIS-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
BIT-KEYDB-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
Linux Distros Unpatched Vulnerability : CVE-2025-46686
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server...
CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
DEBIAN-CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
UBUNTU-CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
CVE-2025-46686
CVE-2025-46686 concerns Redis up to version 8.0.3, where memory can be consumed by a crafted multi-bulk command sequence sent by an authenticated user. The issue arises because the server allocates memory for the command arguments of every bulk, even if the command is later skipped due to insuffi...
CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
CVE-2025-46686
Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...
BIT-VALKEY-2021-32762 Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...
Important: hiredis
Issue Overview: Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if count...
SUSE CVE-2021-32765
Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if count sizeofredisReply...
SUSE CVE-2021-32762
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...