Filtered by vendor Redislabs
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0178 | 1 Redislabs | 1 Redis | 2019-11-06 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | ||||
| CVE-2013-0180 | 1 Redislabs | 1 Redis | 2019-11-06 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | ||||
| CVE-2018-12326 | 1 Redislabs | 1 Redis | 2019-07-25 | N/A |
| Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source. | ||||
| CVE-2018-12453 | 1 Redislabs | 1 Redis | 2018-08-14 | N/A |
| Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream. | ||||
| CVE-2016-10517 | 1 Redislabs | 1 Redis | 2018-08-08 | N/A |
| networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol (but commonly occur when an attack triggers an HTTP request to the Redis TCP port). | ||||
| CVE-2013-7458 | 2 Debian, Redislabs | 2 Debian Linux, Redis | 2018-08-08 | N/A |
| linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file. | ||||