CVE-2022-31144

HIGH Year: 2022
CVSS v3 Score
8.8
High
Weakness Type
CWE-122
View all →

Vulnerability Description

Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4.

Related Vulnerabilities

CVE-2015-6457

HIGH
CVSS:8.8(High)

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.

CWE-1222015

CVE-2016-9580

HIGH
CVSS:8.8(High)

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

CWE-1222016

CVE-2016-9581

HIGH
CVSS:8.8(High)

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

CWE-1222016

CVE-2017-12704

HIGH
CVSS:8.8(High)

A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validatio...

CWE-1222017

CVE-2017-13090

HIGH
CVSS:8.8(High)

The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but does...

CWE-1222017

CVE-2017-6037

HIGH
CVSS:8.8(High)

A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run ...

CWE-1222017