Vulnerabilities > Redislabs > Redis > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2020-21468 Unspecified vulnerability in Redislabs Redis 5.0.7
A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS).
network
low complexity
redislabs
7.5
7.5
2021-07-21 CVE-2021-32761 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an in-memory database that persists on disk.
network
high complexity
redislabs debian fedoraproject CWE-680
7.5
7.5
2021-06-02 CVE-2021-32625 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
8.8
2021-05-04 CVE-2021-29478 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
8.8
2021-05-04 CVE-2021-29477 Integer Overflow or Wraparound vulnerability in multiple products
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.
network
low complexity
redislabs fedoraproject CWE-190
8.8
8.8
2021-02-26 CVE-2021-21309 Integer Overflow or Wraparound vulnerability in Redislabs Redis
Redis is an open-source, in-memory database that persists on disk.
network
low complexity
redislabs CWE-190
8.8
8.8
2018-06-17 CVE-2018-11219 Integer Overflow or Wraparound vulnerability in multiple products
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.
network
low complexity
redislabs debian oracle redhat CWE-190
7.5
7.5
2018-06-17 CVE-2018-11218 Out-of-bounds Write vulnerability in multiple products
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
network
low complexity
redislabs debian oracle redhat CWE-787
7.5
7.5
2017-10-06 CVE-2017-15047 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redislabs Redis 4.0.2
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by leveraging "limited access to the machine."
network
low complexity
redislabs CWE-119
7.5
7.5