EUVD-2021-19530

Malware in sbrugna...

BIT-KEYDB-2021-32762 Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...

SUSE CVE-2018-12326

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h aka...

Integer overflow that can lead to heap overflow in redis-cli redis-sentinel on some platforms

...

CVE-2021-32762

An integer overflow issue leading to heap buffer overflow was found in the hiredis library. The "redis-cli" command-line tool and "redis-sentinel" service may be vulnerable to this flaw when parsing specially crafted, large multi-bulk network replies. This flaw allows a remote attacker to corrupt...

Redis Labs Redis 安全漏洞

Redis Labs Redis is an open source, ANSI C, web-enabled, memory-based, persistent logging, key-value Key-Value storage database from Redis Labs, Inc. that provides APIs in multiple languages. A security vulnerability exists in Redis, which stems from the command-line tools redis-cli and the...

redis -- multiple vulnerabilities

The Redis Team reports: CVE-2021-41099 Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured. CVE-2021-32762 Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on so...

redis: Code execution in redis-cli via crafted command line arguments

The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h host command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service...

redis: Code execution in redis-cli via crafted command line arguments

The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h host command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service...

Redis-cli Buffer Overflow

Exploit Title: Redis-cli 5.0 - Buffer Overflow PoC Date: 2018-06-13 Exploit Author: Fakhri Zulkifli Vendor Homepage: https://redis.io/ Software Link: https://redis.io/download Version: 5.0, 4.0, 3.2 Fixed on: 5.0, 4.0, 3.2 CVE : CVE-2018-12326 Buffer overflow in redis-cli of Redis version 3.2, 4....

Redis-cli 5.0 - Buffer Overflow (PoC)

Redis-cli 5.0 - Buffer Overflow PoC Exploit Title: Redis-cli 5.0 - Buffer Overflow PoC Date: 2018-06-13 Exploit Author: Fakhri Zulkifli Vendor Homepage: https://redis.io/ Software Link: https://redis.io/download Version: 5.0, 4.0, 3.2 Fixed on: 5.0, 4.0, 3.2 CVE : CVE-2018-12326 Buffer overflow i...

CVE-2018-12326

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h aka...

UBUNTU-CVE-2018-12326

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h aka...

DEBIAN-CVE-2018-12326

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h aka...

About Redis unauthorized access flaws vulnerability bug want to do research use-vulnerability warning-the black bar safety net

redis is a high-performance in-memory database, but also support the memory data retained on the hard disk, to achieve persistent storage. Because redis does not force the visited authentication, incur not authorized to visit the hot spots of vulnerability bug-prone, the intruders take this...

MGASA-2016-0295 Updated redis packages fix security vulnerability

It was discovered that redis did not properly protect redis-cli history files; they were created by default with world-readable permissions CVE-2013-7458...

Debian DLA-577-1 : redis security update

It was discovered that the redis-cli tool in redis an in-memory key-value database created world-readable history files. For Debian 7 'Wheezy', this issue has been fixed in redis version 2:2.4.14-1+deb7u1. We recommend that you upgrade your redis packages. NOTE: Tenable Network Security has...