Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in hiredis

Hiredis is a minimalistic C client library for the Redis database. In affected versions, Hiredis can be vulnerable to integer overflow if maliciously crafted or corrupted RESP mult-bulk protocol data is provided. When parsing mult-bulk array-like replies, Hiredis fails to check whether count...

8.8CVSS8.3AI score0.02045EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/15 8:46 p.m.10 views

EUVD-2026-36467

Netty: Unbounded pre-allocation in RedisArrayAggregator from RESP array length...

7.5CVSS5.2AI score0.00335EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/12 2:52 p.m.25 views

CVE-2026-50011 Netty has unbounded pre-allocation in RedisArrayAggregator from RESP array length

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

7.5CVSS0.00335EPSS
Exploits0References3
CVE
CVEadded 2026/06/12 2:52 p.m.40 views

CVE-2026-50011

Netty CVE-2026-50011 affects RedisArrayAggregator in Netty (prior to 4.1.135.Final and 4.2.15.Final). A RESP header can claim a large initial ArrayList capacity, taken from the wire before child messages exist, enabling unbounded pre-allocation. This can cause memory consumption issues. The issue...

7.5CVSS5.3AI score0.00335EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/23 7:39 p.m.4 views

CVE-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS5.6AI score0.00415EPSS
Exploits0References1
CVE
CVEadded 2026/02/23 7:39 p.m.26 views

CVE-2025-67733

Valkey is affected by a RESP protocol injection via Lua error_reply. Before versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user could inject information into the response stream through scripting commands, potentially corrupting or returning tampered data to other users on the same connect...

8.5CVSS5.6AI score0.00415EPSS
Exploits0References1Affected Software1
Amazon
Amazonadded 2023/09/25 12:0 a.m.5 views

Important: hiredis

Issue Overview: Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if count...

8.8CVSS7.5AI score0.02045EPSS
Exploits0
FreeBSD
FreeBSDadded 2021/10/04 12:0 a.m.28 views

hiredis -- integer/buffer overflow

hiredis maintainers report: Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if count sizeofredisReply can be represented in SIZEMAX. If it can not, and the callo...

8.8CVSS2.6AI score0.02045EPSS
Exploits0References2
Rows per page
Query Builder