exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 38

BDU:2025-12553

6 месяцев назад

Уязвимость системы управления базами данных (СУБД) Redis, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код

CVSS3: 9.9

EPSS: Средний

ROS-20251217-7321

4 месяца назад

Уязвимость valkey

CVSS3: 9.9

EPSS: Средний

ROS-20251124-05

4 месяца назад

Уязвимость redis

CVSS3: 9.9

EPSS: Средний

ROS-20251029-06

5 месяцев назад

Множественные уязвимости redis

CVSS3: 9.9

EPSS: Низкий

CVE-2025-49844

6 месяцев назад

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.

CVSS3: 9.9

EPSS: Средний

CVE-2025-49844

6 месяцев назад

CVSS3: 8.8

EPSS: Средний

CVE-2025-49844

6 месяцев назад

CVSS3: 9.9

EPSS: Средний

CVE-2025-49844

6 месяцев назад

Redis Lua Use-After-Free may lead to remote code execution

CVSS3: 9.9

EPSS: Средний

CVE-2025-49844

6 месяцев назад

Redis is an open source, in-memory database that persists on disk. Ver ...

CVSS3: 9.9

EPSS: Средний

ELSA-2025-20656

6 месяцев назад

ELSA-2025-20656: redis security update (CRITICAL)

EPSS: Низкий

ELSA-2025-20655

6 месяцев назад

ELSA-2025-20655: redis security update (IMPORTANT)

EPSS: Низкий

ELSA-2025-20654

6 месяцев назад

ELSA-2025-20654: redis security update (IMPORTANT)

EPSS: Низкий

ELSA-2025-20653

6 месяцев назад

ELSA-2025-20653: valkey security update (IMPORTANT)

EPSS: Низкий

openSUSE-SU-2026:20003-1

3 месяца назад

Security update of valkey

EPSS: Низкий

SUSE-SU-2025:03507-1

6 месяцев назад

Security update for redis

EPSS: Низкий

SUSE-SU-2025:03506-1

6 месяцев назад

Security update for redis

EPSS: Низкий

SUSE-SU-2025:03505-1

6 месяцев назад

Security update for redis

EPSS: Низкий

SUSE-SU-2025:03502-1

6 месяцев назад

Security update for valkey

EPSS: Низкий

SUSE-SU-2025:03501-1

6 месяцев назад

Security update for redis7

EPSS: Низкий

SUSE-SU-2025:03500-1

6 месяцев назад

Security update for redis7

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2025-12553 Уязвимость системы управления базами данных (СУБД) Redis, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код	CVSS3: 9.9	12% Средний	6 месяцев назад
ROS-20251217-7321 Уязвимость valkey	CVSS3: 9.9	12% Средний	4 месяца назад
ROS-20251124-05 Уязвимость redis	CVSS3: 9.9	12% Средний	4 месяца назад
ROS-20251029-06 Множественные уязвимости redis	CVSS3: 9.9		5 месяцев назад
CVE-2025-49844 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.	CVSS3: 9.9	12% Средний	6 месяцев назад
CVE-2025-49844 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.	CVSS3: 8.8	12% Средний	6 месяцев назад
CVE-2025-49844 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.	CVSS3: 9.9	12% Средний	6 месяцев назад
CVE-2025-49844 Redis Lua Use-After-Free may lead to remote code execution	CVSS3: 9.9	12% Средний	6 месяцев назад
CVE-2025-49844 Redis is an open source, in-memory database that persists on disk. Ver ...	CVSS3: 9.9	12% Средний	6 месяцев назад
ELSA-2025-20656 ELSA-2025-20656: redis security update (CRITICAL)			6 месяцев назад
ELSA-2025-20655 ELSA-2025-20655: redis security update (IMPORTANT)			6 месяцев назад
ELSA-2025-20654 ELSA-2025-20654: redis security update (IMPORTANT)			6 месяцев назад
ELSA-2025-20653 ELSA-2025-20653: valkey security update (IMPORTANT)			6 месяцев назад
openSUSE-SU-2026:20003-1 Security update of valkey			3 месяца назад
SUSE-SU-2025:03507-1 Security update for redis			6 месяцев назад
SUSE-SU-2025:03506-1 Security update for redis			6 месяцев назад
SUSE-SU-2025:03505-1 Security update for redis			6 месяцев назад
SUSE-SU-2025:03502-1 Security update for valkey			6 месяцев назад
SUSE-SU-2025:03501-1 Security update for redis7			6 месяцев назад
SUSE-SU-2025:03500-1 Security update for redis7			6 месяцев назад

Уязвимостей на страницу