Lucene search
K

114 matches found

RedHat Linux
RedHat Linux
added 2025/01/27 1:43 a.m.4 views

redis: Redis' Lua library commands may lead to remote code execution

A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution...

9.8CVSS7.7AI score0.07934EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2025/01/20 1:21 a.m.6 views

redis: Redis' Lua library commands may lead to remote code execution

A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution...

9.8CVSS7.7AI score0.07934EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2025/01/07 4:48 a.m.9 views

CVE-2024-51741

A flaw was found in the Redis server. An authenticated attacker with sufficient privileges can create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service...

4.4CVSS6.4AI score0.00299EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2024/10/08 5:27 p.m.510 views

Exploit for Deserialization of Untrusted Data in Flask-Caching_Project Flask-Caching

It is an offensive tool for web exploitation. This PoC exploit t...

9.8CVSS9.2AI score0.07288EPSS
Exploits3
OSV
OSV
added 2024/08/22 7:42 p.m.36 views

BIT-VALKEY-2023-28425 Specially crafted MSETNX command can lead to denial-of-service

Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10...

5.5CVSS5.5AI score0.54978EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2024/07/30 12:0 a.m.7 views

NI FlexLogger Redis Server Incorrect Permission Assignment Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.5CVSS6AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2024/06/14 1:59 p.m.30 views

RLSA-2024:3264 Important: pcp security update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...

8.8CVSS8.8AI score0.01002EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/05/29 5:45 p.m.46 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.5 security update

An update is now available for Red Hat OpenShift GitOps v1.11.5 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A...

9CVSS7.3AI score0.01479EPSS
Exploits2References2
OSV
OSV
added 2024/05/29 7:16 a.m.16 views

BIT-ARGO-CD-2024-31989 ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

9CVSS8.8AI score0.01479EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2024/05/28 8:22 a.m.46 views

Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.3 security update

An update is now available for Red Hat OpenShift GitOps v1.12.3 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A...

9CVSS7.3AI score0.01479EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.15 views

RHEL 8 : pcp (RHSA-2024:3392)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3392 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS7.4AI score0.01002EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2024/05/25 9:11 a.m.17 views

Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data

Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence AI-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed...

8.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/05/23 9:44 a.m.12 views

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS6.9AI score0.01002EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/23 9:28 a.m.8 views

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS6.9AI score0.01002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.18 views

RHEL 8 : pcp (RHSA-2024:3324)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3324 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS7.4AI score0.01002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.22 views

RHEL 8 : pcp (RHSA-2024:3322)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3322 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS7.4AI score0.01002EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/22 11:56 a.m.33 views

Important: Red Hat Security Advisory: pcp security update

An update for pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

8.8CVSS7.1AI score0.01002EPSS
Exploits0References2
OSV
OSV
added 2024/05/22 12:0 a.m.22 views

ALSA-2024:3264 Important: pcp security update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...

8.8CVSS8.8AI score0.01002EPSS
Exploits0References4
NVD
NVD
added 2024/05/21 7:15 p.m.17 views

CVE-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

9CVSS9AI score0.01479EPSS
Exploits2References9
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.27 views

pcp security, bug fix, and enhancement update

An update is available for pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Performance Co-Pilot PCP is a suite of tools, services, and libraries for...

8.8CVSS7.5AI score0.01002EPSS
Exploits0
Rows per page
Query Builder