| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the heap lesser than the required memory due to wraparound. Then read and write can be performed beyond this allocated memory, leading to info leak and OOB write. The integer overflow is in CMS.INITBYDIM command, which initialize a Count-Min Sketch to dimensions specified by user. It accepts two values (width and depth) and uses them to allocate memory in NewCMSketch(). This vulnerability is fixed in 2.2.19, 2.4.12, 2.6.14, and 2.8.2. |
| RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. This vulnerability is fixed in 2.6.24, 2.8.21, and 2.10.10. Avoid setting value of -1 or large values for configuration parameters MAXSEARCHRESULTS and MAXAGGREGATERESULTS, to avoid exploiting large LIMIT arguments. |
| RedisTimeSeries is a time-series database (TSDB) module for Redis, by Redis. Executing one of these commands TS.QUERYINDEX, TS.MGET, TS.MRAGE, TS.MREVRANGE by an authenticated user, using specially crafted command arguments may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. This vulnerability is fixed in 1.6.20, 1.8.15, 1.10.15, and 1.12.3. |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer overflow. |
| Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Windows Sysmain Service Elevation of Privilege Vulnerability |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Windows Fax Service Remote Code Execution Vulnerability |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability |
| Raw Image Extension Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Denial of Service Vulnerability |
| Windows Bluetooth Service Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Windows Partition Management Driver Elevation of Privilege Vulnerability |
| Windows HTTP.sys Elevation of Privilege Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability |
