Vulnerabilities > Redislabs
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-16 | CVE-2023-47003 | NULL Pointer Dereference vulnerability in Redislabs Redisgraph 2.12.10 An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted. | 9.8 |
2023-11-06 | CVE-2023-47004 | Out-of-bounds Write vulnerability in Redislabs Redisgraph Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication. | 8.8 |
2021-09-20 | CVE-2020-21468 | Unspecified vulnerability in Redislabs Redis 5.0.7 A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). | 7.5 |
2021-07-21 | CVE-2021-32761 | Redis is an in-memory database that persists on disk. | 7.5 |
2021-06-02 | CVE-2021-32625 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |
2021-05-04 | CVE-2021-29478 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |
2021-05-04 | CVE-2021-29477 | Integer Overflow or Wraparound vulnerability in multiple products Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. | 8.8 |
2021-03-31 | CVE-2021-3470 | Out-of-bounds Write vulnerability in Redislabs Redis A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. | 5.3 |
2021-02-26 | CVE-2021-21309 | Unspecified vulnerability in Redislabs Redis Redis is an open-source, in-memory database that persists on disk. | 8.8 |
2020-12-23 | CVE-2020-35668 | NULL Pointer Dereference vulnerability in Redislabs Redisgraph RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced. | 7.5 |