Lucene search
K

114 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

RHEL 9 : redis:7 (RHSA-2026:26306)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26306 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, set...

8.8CVSS6.8AI score0.02995EPSS
Exploits4References8
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.10 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS5.4AI score0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 9:16 a.m.17 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:26 a.m.12 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 8:26 a.m.35 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS0.00112EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 8:26 a.m.21 views

CVE-2024-11399

CVE-2024-11399 affects Synology BeeDrive for Desktop (redis-server component) prior to version 1.3.2-13814. Local users can trigger a denial-of-service via unspecified vectors, with impact on availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H). Root cause details are not specified in the...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 8:26 a.m.15 views

CVE-2024-11399

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 8:26 a.m.14 views

EUVD-2024-55592

Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43577

Name of the Vulnerable Software and Affected Versions Synology BeeDrive for desktop versions prior to 1.3.2-13814 Description A flaw in the redis-server component allows local users to perform denial-of-service attacks, which occur when a system is overwhelmed to the point of becoming unavailable...

6.8CVSS5.4AI score0.00112EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Synology BeeDrive 安全漏洞

Synology BeeDrive is a backup and synchronization device developed by the Chinese company Synology. Versions of Synology BeeDrive prior to 1.3.2-13814 contained a security vulnerability. This vulnerability stemmed from the redis-server component, where external access to certain files or...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 11:52 a.m.11 views

BIT-VALKEY-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References20
OSV
OSV
added 2026/05/07 11:51 a.m.15 views

BIT-VALKEY-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References11
OSV
OSV
added 2026/05/07 11:51 a.m.7 views

BIT-REDIS-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2026/05/05 5:17 p.m.11 views

CVE-2026-23479

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References1
Cvelist
Cvelist
added 2026/05/05 4:44 p.m.40 views

CVE-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

7.7CVSS0.02995EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/05 4:39 p.m.7 views

CVE-2026-23631 redis-server Lua use-after-free may allow remote code execution

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

6.1CVSS6.1AI score0.01782EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/05 4:36 p.m.7 views

CVE-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

7.7CVSS6.1AI score0.01286EPSS
Exploits4References2
Cvelist
Cvelist
added 2026/05/05 4:36 p.m.45 views

CVE-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

7.7CVSS0.01286EPSS
Exploits4References2
Debian CVE
Debian CVE
added 2026/05/05 4:36 p.m.5 views

CVE-2026-23479

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.01286EPSS
Exploits4
CVE
CVE
added 2026/05/05 4:36 p.m.86 views

CVE-2026-23479

Redis server 7.2.0–8.6.3 is affected by a use-after-free in the unblock client flow when re-executing a blocked command if an error return from processCommandAndResetClient isn’t handled. If a blocked client is evicted during this path, an authenticated attacker could potentially achieve remote c...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References10Affected Software1
Rows per page
Query Builder