Lucene search
K

49 matches found

vulnersOsv
vulnersOsv
added 2023/03/26 9:30 p.m.4 views

an-website (>=22.12.28 <=23.2.6), anoteai (>=0.10.0 <=0.20.0) +26 more potentially affected by CVE-2023-28858 via redis (>=4.4.0 <=4.4.2)

redis PYPI version =4.4.0, =22.12.28, =0.10.0, =0.8.2, =0.1.17, =0.0.10, =1.8.1, =0.5.0rc1, =0.0.122, =0.104.0rc1, =0.7.2, =0.31.0, =1.0.2, =1.1.1 - lemur =1.3.1 and more Source cves: CVE-2023-28858 Source advisory: OSV:GHSA-24WV-MV5M-XV4H...

3.7CVSS6.1AI score0.01018EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/26 7:15 p.m.6 views

abs-auth-rbac-core (>=0.1.15 <=0.5.4), airdot (>=0.3.0b0 <=0.6.0b0) +45 more potentially affected by CVE-2023-28858 via redis (>=4.5.0 <=4.5.2)

redis PYPI version =4.5.0, =0.1.15, =0.3.0b0, =23.2.9, =1.1.87, =0.0.25, =1.1.0, =1.0.0, =0.13.0, =1.0.0, =0.3.0, =4.7.0, =4.7.3 and more Source cves: CVE-2023-28858 Source advisory: OSV:PYSEC-2023-45...

3.7CVSS5.8AI score0.01018EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/21 12:0 a.m.12 views

CVE-2022-3647 Redis Crash Report debug.c sigsegvHandler denial of service

DISPUTED A vulnerability, which was classified as problematic, was found in Redis up to 6.2.7/7.0.5. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The complexity of an attack is rather high. The exploitabili...

3.1CVSS4.3AI score0.00573EPSS
Exploits1References3
OSV
OSV
added 2022/08/13 11:4 a.m.5 views

OESA-2022-1823 redis6 security update

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

7.8CVSS7.2AI score0.02189EPSS
Exploits2References3
OSV
OSV
added 2021/09/20 4:15 p.m.4 views

UBUNTU-CVE-2020-21468

DISPUTED A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service DOS. NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7...

7.5CVSS5.8AI score0.01154EPSS
Exploits0References5
OSV
OSV
added 2018/06/17 2:29 p.m.3 views

DEBIAN-CVE-2018-12326

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h aka...

8.4CVSS9.2AI score0.02678EPSS
Exploits5References1
OSV
OSV
added 2017/10/24 6:29 p.m.3 views

UBUNTU-CVE-2016-10517

networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol but commonly occur when an attack triggers an HTTP request to the Redis TCP port...

7.4CVSS7.1AI score0.02147EPSS
Exploits0References5
OSV
OSV
added 2016/10/28 2:59 p.m.5 views

UBUNTU-CVE-2016-8339

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG S...

9.8CVSS7.7AI score0.14834EPSS
Exploits2References3
OSV
OSV
added 2016/08/10 2:59 p.m.3 views

DEBIAN-CVE-2013-7458

linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .redisclihistory, which allows local users to obtain sensitive information by reading the file...

3.3CVSS4AI score0.00484EPSS
Exploits0References1
Rows per page
Query Builder