Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

47 matches found

Amazon
Amazonadded 2023/09/25 12:0 a.m.5 views

Important: redis

Issue Overview: Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and...

9CVSS8.5AI score0.1578EPSS
Exploits0
Check Point Advisories
Check Point Advisoriesadded 2022/03/31 12:0 a.m.25 views

Redis Lua Remote Code Execution (CVE-2022-0543)

A remote code execution vulnerability exists in Redis Lua. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.8AI score0.9967EPSS
Exploits8
RedHat Linux
RedHat Linuxadded 2019/07/25 4:10 p.m.4 views

redis: Heap corruption in lua_cmsgpack.c

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

9.8CVSS7.7AI score0.59422EPSS
Exploits1References5
BDU FSTEC
BDU FSTECadded 2019/05/16 12:0 a.m.5 views

The vulnerability of the cmsgpack library in the Lua subsystem of the Redis database management system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cmsgpack library in the Lua subsystem of the Redis database management system arises due to an overflow of the buffer on the stack. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS7.7AI score0.59422EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTECadded 2019/05/16 12:0 a.m.4 views

The vulnerability of the struct library in the Lua subsystem of the Redis database management system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

Vulnerability of the struct library in the Lua subsystem of the Redis database management system. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7.1AI score0.07056EPSS
Exploits1References6Affected Software2
OSV
OSVadded 2018/06/17 5:29 p.m.2 views

UBUNTU-CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

9.8CVSS7.3AI score0.59422EPSS
Exploits1References9
OSV
OSVadded 2015/06/09 2:59 p.m.5 views

AZL-44232 CVE-2015-4335 affecting package compat-lua 5.1.5-17

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command...

10CVSS6.7AI score0.09636EPSS
Exploits2References1
Rows per page
Query Builder