
34 matches found

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2023-0223

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 5.9 | EPSS 0.01219
Exploits: 0 | References: 11

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2023-0222

Malicious code in bioql PyPI...

CVSS 3.7 | AI score 5.3 | EPSS 0.01488
Exploits: 0 | References: 11

IBM Security Bulletins
added 2025/03/26 3:38 a.m. | views: 68

Security Bulletin: IBM Cloud Pak for Network Automation 2.4.7 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.4.7 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-24538 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by the failure to properly consider...

CVSS 9.8 | AI score 9.1 | EPSS 0.04366
Exploits: 5 | Affected Software: 1

Tenable Nessus
added 2024/05/15 12:0 a.m. | views: 26

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict (SUSE-SU-2024:1639-1)

"The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1639-1 advisory. - redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an...

CVSS 6.5 | AI score 6.3 | EPSS 0.01488
Exploits: 0 | References: 11

IBM Security Bulletins
added 2023/06/16 3:19 p.m. | views: 30

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

CVSS 10 | AI score 8.6 | EPSS 0.01488
Exploits: 2 | Affected Software: 1

Tenable Nessus
added 2023/04/14 12:0 a.m. | views: 25

FreeBSD : py39-redis -- can send response data to the client of an unrelated request (3f6d6181-79b2-4d33-bb1e-5d3f9df0c1d1)

"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3f6d6181-79b2-4d33-bb1e-5d3f9df0c1d1 advisory. - redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an...

CVSS 6.5 | AI score 6.3 | EPSS 0.01488
Exploits: 0 | References: 3

SUSE CVE
added 2023/03/29 1:53 a.m. | views: 4

SUSE CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

CVSS 4.3 | AI score 9.2 | EPSS 0.01219
Exploits: 0 | References: 6

Veracode
added 2023/03/28 2:25 a.m. | views: 28

Race Condition

redis-py is vulnerable to a Race Condition. The vulnerability exists because the library leaves a connection open after cancelling the async Redis command at an inopportune time in the case of a pipeline operation and can send response data to the client of an unrelated request in an off-by-one...

CVSS 3.7 | AI score 5.8 | EPSS 0.01488
Exploits: 0 | References: 10 | Affected Software: 2

RedhatCVE
added 2023/03/27 12:43 p.m. | views: 27

CVE-2023-28858

A flaw was found in Redis redis-py. This flaw allows a remote, authenticated attacker to obtain sensitive information caused by an issue with leaving a connection open after canceling an async Redis command at an inopportune time. By sending a specially crafted request, an attacker can obtain...

CVSS 4.3 | AI score 5.4 | EPSS 0.01488
Exploits: 0 | References: 5

OSV
added 2023/03/26 9:30 p.m. | views: 0

GHSA-8FWW-64CX-X8P5 redis-py Race Condition due to incomplete fix

redis-py through 4.5.3 and 4.4.3 leaves a connection open after canceling an async Redis command at an inopportune time in the case of a non-pipeline operation, and can send response data to the client of an unrelated request. NOTE: this issue exists because of an incomplete fix for CVE-2023-2885...

CVSS 7.1 | AI score 7.2 | EPSS 0.01219
Exploits: 0 | References: 12

OSV
added 2023/03/26 9:30 p.m. | views: 0

GHSA-24WV-MV5M-XV4H redis-py Race Condition vulnerability

redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time in the case of a pipeline operation, and can send response data to the client of an unrelated request in an off-by-one manner. The fixed versions fo...

CVSS 6.3 | AI score 6.5 | EPSS 0.01488
Exploits: 0 | References: 12

GitHub Security Blog
added 2023/03/26 9:30 p.m. | views: 80

redis-py Race Condition vulnerability

redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time in the case of a pipeline operation, and can send response data to the client of an unrelated request in an off-by-one manner. The fixed versions fo...

CVSS 3.7 | AI score 6 | EPSS 0.01488
Exploits: 0 | References: 12 | Affected Software: 1

NVD
added 2023/03/26 7:15 p.m. | views: 17

CVE-2023-28858

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4....

CVSS 3.7 | AI score 5.5 | EPSS 0.01488
Exploits: 0 | References: 6

NVD
added 2023/03/26 7:15 p.m. | views: 19

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

CVSS 6.5 | AI score 5.4 | EPSS 0.01219
Exploits: 0 | References: 5

OSV
added 2023/03/26 7:15 p.m. | views: 1

DEBIAN-CVE-2023-28858

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4....

CVSS 3.7 | AI score 5.4 | EPSS 0.01488
Exploits: 0 | References: 1

OSV
added 2023/03/26 7:15 p.m. | views: 28

CVE-2023-28858

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4....

CVSS 3.7 | AI score 5.8
Exploits: 0 | References: 6

OSV
added 2023/03/26 7:15 p.m. | views: 29

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

CVSS 6.5 | AI score 5.7
Exploits: 0 | References: 5

Prion
added 2023/03/26 7:15 p.m. | views: 26

Design/Logic Flaw

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4....

CVSS 2.6 | AI score 5.4 | EPSS 0.01488
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2023/03/26 7:15 p.m. | views: 0

PYSEC-2023-45

redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time in the case of a pipeline operation, and can send response data to the client of an unrelated request in an off-by-one manner. The fixed versions fo...

CVSS 3.7 | AI score 5.9 | EPSS 0.01488
Exploits: 0 | References: 6

UbuntuCve
added 2023/03/26 7:15 p.m. | views: 32

CVE-2023-28858

redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner. NOTE: this CVE Record was initially created in response to reports about ChatGPT, and 4.3.6, 4.4....

CVSS 3.7 | AI score 6.4 | EPSS 0.01488
Exploits: 0 | References: 6