Количество 31
Количество 31
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands.
CVE-2025-32023
Redis allows out of bounds writes in hyperloglog commands leading to RCE
CVE-2025-32023
Redis is an open source, in-memory database that persists on disk. Fro ...
BDU:2025-09081
Уязвимость сервера системы управления базами данных (СУБД) Redis, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-08113
Уязвимость сервера системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код
ROS-20250905-06
Уязвимость redis
ROS-20250905-05
Уязвимость valkey
ROS-20250904-11
Уязвимость valkey
ROS-20250904-12
Множественные уязвимости redis
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | CVSS3: 7 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | CVSS3: 7 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE | CVSS3: 7 | 0% Низкий | 5 месяцев назад |
| CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. Fro ... | CVSS3: 7 | 0% Низкий | 6 месяцев назад |
 | BDU:2025-09081 Уязвимость сервера системы управления базами данных (СУБД) Redis, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| BDU:2025-08113 Уязвимость сервера системы управления базами данных (СУБД) Redis, позволяющая нарушителю выполнить произвольный код | CVSS3: 7 | 0% Низкий | 6 месяцев назад |
 | ROS-20250905-06 Уязвимость redis | CVSS3: 7.5 | 0% Низкий | 4 месяца назад |
| ROS-20250905-05 Уязвимость valkey | CVSS3: 7.5 | 0% Низкий | 4 месяца назад |
| ROS-20250904-11 Уязвимость valkey | CVSS2: 6 | 0% Низкий | 4 месяца назад |
| ROS-20250904-12 Множественные уязвимости redis | CVSS3: 4.9 | 4 месяца назад |
Уязвимостей на страницу