CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-41099 – Integer overflow issue with strings in Redis
https://notcve.org/view.php?id=CVE-2021-41099
04 Oct 2021 — An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. ... Esto puede hacerse usando ACL para restringir a usuarios no privilegiados el uso del comando CONFIG SET An integer overflow issue was found in redis in the underlying string library. ... Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read... • https://github.com/redis/redis/commit/c6ad876774f3cc11e32681ea02a2eead00f2c521 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2021-32762 – Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms
https://notcve.org/view.php?id=CVE-2021-32762
04 Oct 2021 — The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. • https://github.com/redis/redis/commit/0215324a66af949be39b34be2d55143232c1cb71 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-32687 – Integer overflow issue with intsets in Redis
https://notcve.org/view.php?id=CVE-2021-32687
04 Oct 2021 — An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. ... Esto puede hacerse usando ACL para restringir a usuarios sin privilegios el uso del comando CONFIG SET An integer overflow issue was found in redis. ... Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and... • https://github.com/redis/redis/commit/a30d367a71b7017581cf1ca104242a3c644dec0f • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2021-32675 – DoS vulnerability in Redis
https://notcve.org/view.php?id=CVE-2021-32675
04 Oct 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://github.com/redis/redis/commit/5674b0057ff2903d43eaff802017eddf37c360f8 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2021-32672 – Vulnerability in Lua Debugger in Redis
https://notcve.org/view.php?id=CVE-2021-32672
04 Oct 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-32627 – Integer overflow issue with Streams in Redis
https://notcve.org/view.php?id=CVE-2021-32627
04 Oct 2021 — In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. ... Esto puede hacerse usando ACL para restringir a usuarios sin privilegios el uso del comando CONFIG SET An integer overflow issue was found in redis. ... Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-32628 – Vulnerability in handling large ziplists
https://notcve.org/view.php?id=CVE-2021-32628
04 Oct 2021 — An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. ... Esto puede hacerse usando ACL para restringir a usuarios sin privilegios el uso del comando CONFIG SET An integer overflow issue was found in the redis ziplist data structure. ... Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds ... • https://github.com/redis/redis/commit/f6a40570fa63d5afdd596c78083d754081d80ae3 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 13EXPL: 0CVE-2021-32626 – Lua scripts can overflow the heap-based Lua stack in Redis
https://notcve.org/view.php?id=CVE-2021-32626
04 Oct 2021 — Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities. • https://github.com/redis/redis/commit/666ed7facf4524bf6d19b11b20faa2cf93fdf591 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-32765 – Integer Overflow to Buffer Overflow in Hiredis
https://notcve.org/view.php?id=CVE-2021-32765
04 Oct 2021 — In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. ... Los usuarios de hiredis que no puedan actualizar pueden establecer la opción de contexto [maxelements](https://github.com/redis/hiredis#reader-max-array-elements) a un valor lo suficientemente pequeño como para que no sea posible el desbordamiento An integer overflow has been found in hiredis which could result in arbitrary code executi... • https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2021-41864 – kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write
https://notcve.org/view.php?id=CVE-2021-41864
01 Oct 2021 — prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. prealloc_elems_and_freelist en kernel/bpf/stackmap.c en el kernel de Linux antes de la versión 5.14.12 permite a usuarios sin privilegios desencadenar un desbordamiento de enteros en la multiplicación de eBPF con una escritura fuera de los límites resultante. ... In this flaw, the multiplicatio... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •