Lucene search
K

97 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 7:5 a.m.7 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 4:42 p.m.7 views

EUVD-2026-39811

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, crashing the entire server process SIGSEGV. Because DragonflyDB requires no authentication by defaul...

7.5CVSS5.9AI score0.00399EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 4:42 p.m.85 views

CVE-2026-54341

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, crashing the entire server process SIGSEGV. Because DragonflyDB requires no authentication by defaul...

7.5CVSS5.9AI score0.00399EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/26 4:42 p.m.15 views

CVE-2026-54341

Dragonfly (DragonflyDB) before version 1.39.0 is vulnerable: a crafted RESTORE payload triggers an out-of-bounds read in the listpack collection loaders, crashing the server (SIGSEGV). The issue is exploitable remotely without authentication via a single ~24-byte RESTORE command, enabling unauthe...

7.5CVSS5.9AI score0.00399EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/25 10:37 a.m.5 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/23 7:29 a.m.6 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.18 views

RHEL 9 : redis (RHSA-2026:28139)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28139 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

8.8CVSS6.6AI score0.02995EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/22 6:26 a.m.5 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 2:32 a.m.6 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/16 1:39 p.m.12 views

Important: Red Hat Security Advisory: redis:7 security update

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS6.7AI score0.02995EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2026/06/16 12:14 p.m.274 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 10:18 a.m.13 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6AI score0.02995EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

RHEL 9 : redis (RHSA-2026:23229)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23229 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.20 views

CVE-2026-25589

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6AI score0.01331EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/04 1:19 p.m.245 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References6
OSV
OSV
added 2026/06/04 12:0 a.m.5 views

ALSA-2026:23229 Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

SUSE SLES15 Security Update : redis7 (SUSE-SU-2026:2097-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2097-1 advisory. This update for redis7 fixes the following issues - CVE-2026-23631: Lua use-after-free via the master-replica synchronization...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

SUSE SLES15 Security Update : redis7 (SUSE-SU-2026:2100-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2100-1 advisory. This update for redis7 fixes the following issues - CVE-2026-23631: Lua use-after-free via the master-replica synchronization...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

SUSE SLES15 Security Update : redis (SUSE-SU-2026:2098-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2098-1 advisory. This update for redis fixes the following issue - CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialize...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/05/27 2:22 p.m.12 views

Security update for redis7

This update for redis7 fixes the following issues CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialized payload may lead to remot...

7.7CVSS6.5AI score0.02995EPSS
Exploits0References8
Rows per page
Query Builder