Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redislabs redis vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-4335
Redis prior to 2.8.21 and 3.x prior to 3.0.2 allows remote malicious users to execute arbitrary Lua bytecode via the eval command.
Redislabs Redis 3.0.0
Redislabs Redis 3.0.1
Redislabs Redis
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2017-15047
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows malicious users to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to the machine."
Redislabs Redis 4.0.2
6.5
CVSSv2
CVE-2021-32625
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote co...
Redislabs Redis
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.5
CVSSv2
CVE-2021-29477
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the `STRALGO LCS` command to corrupt the heap and potentially result with remote c...
Redislabs Redis
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.5
CVSSv2
CVE-2021-21309
Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a config...
Redislabs Redis
6.5
CVSSv2
CVE-2019-10193
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x prior to 3.2.13, 4.x prior to 4.0.14 and 5.x prior to 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments...
Redislabs Redis
Redhat Openstack 9
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.1
6.5
CVSSv2
CVE-2019-10192
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x prior to 3.2.13, 4.x prior to 4.0.14 and 5.x prior to 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense...
Redislabs Redis
Redhat Openstack 9
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.1
6
CVSSv2
CVE-2021-32761
Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to ...
Redislabs Redis
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6
CVSSv2
CVE-2021-29478
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 prior to 6.2.3 could be exploited to corrupt the heap and potentially result with remote code execution. Redis 6.0 and previ...
Redislabs Redis
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2020-21468
A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7
Redislabs Redis 5.0.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »