Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redis redis vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-3470
A heap overflow issue was found in Redis in versions prior to 5.0.10, prior to 6.0.9 and prior to 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast...
Redislabs Redis
Redislabs Redis 6.2.0
312
VMScore
CVE-2021-41172
AS_Redis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution....
Antsword Redis Project Antsword Redis
828
VMScore
CVE-2016-10672
cloudpub-redis is a module for CloudPub: Redis Backend cloudpub-redis downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy...
Cloudpub-redis Project Cloudpub-redis 2.4.5
383
VMScore
CVE-2021-43697
Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER...
Workerman-thinkphp-redis Project Workerman-thinkphp-redis
890
VMScore
CVE-2015-4335
Redis prior to 2.8.21 and 3.x prior to 3.0.2 allows remote malicious users to execute arbitrary Lua bytecode via the eval command.
Redislabs Redis 3.0.0
Redislabs Redis 3.0.1
Redislabs Redis
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2023-41056
Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4.
Redis Redis
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-36824
Redis is an in-memory database that persists on disk. In Redit 7.0 before 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code executio...
Redis Redis
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua sc...
Redis Redis
Fedoraproject Fedora 37
Fedoraproject Fedora 38
1 Github repository
NA
CVE-2023-31654
Redis raft master-1b8bd86 to master-7b46079 exists to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c.
Redis Redisraft -
445
VMScore
CVE-2021-29469
Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3...
Redis.js Redis
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »