Vulnerabilities > Redislabs

DATE CVE VULNERABILITY TITLE RISK
2023-11-16 CVE-2023-47003 NULL Pointer Dereference vulnerability in Redislabs Redisgraph 2.12.10
An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted.
network
low complexity
redislabs CWE-476
critical
9.8
2023-11-06 CVE-2023-47004 Out-of-bounds Write vulnerability in Redislabs Redisgraph
Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication.
network
low complexity
redislabs CWE-787
8.8
2021-09-20 CVE-2020-21468 Unspecified vulnerability in Redislabs Redis 5.0.7
A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS).
network
low complexity
redislabs
7.5
2021-07-21 CVE-2021-32761 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an in-memory database that persists on disk.
network
high complexity
redislabs debian fedoraproject CWE-680
7.5
2021-06-02 CVE-2021-32625 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
2021-05-04 CVE-2021-29478 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
2021-05-04 CVE-2021-29477 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
2021-03-31 CVE-2021-3470 Out-of-bounds Write vulnerability in Redislabs Redis
A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash.
network
low complexity
redislabs CWE-787
5.0
2021-02-26 CVE-2021-21309 Integer Overflow or Wraparound vulnerability in Redislabs Redis
Redis is an open-source, in-memory database that persists on disk.
network
low complexity
redislabs CWE-190
8.8
2020-12-23 CVE-2020-35668 NULL Pointer Dereference vulnerability in Redislabs Redisgraph
RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.
network
low complexity
redislabs CWE-476
5.0