In Redis versions prior to 6.2.16, 7.2.6 and 7.4.1 a high severity vulnerability CVE-2024-31449 was detected. An authenticated user can exploit a vulnerability in Redis by using a crafted Lua script, potentially leading to remote code execution. Users are advised to upgrade to the latest version to mitigate this risk. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-31449.
Read more Database
In Redis versions prior to 7.2.6 and 7.4.1 a medium severity vulnerability CVE-2024-31227 was detected. An authenticated user with sufficient privileges can create a malformed ACL selector in Redis, triggering a server panic and causing a denial of service. To fix this problem, users should upgrade to versions 7.2.6 and 7.4.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-31227.
Read more Database
In Redis versions prior to 6.2.16, 7.2.6 and 7.4.1 a medium severity vulnerability CVE-2024-31228 was detected. Authenticated users can trigger a denial-of-service in Redis by using specially crafted long string match patterns on certain commands, leading to stack overflow and a process crash. To fix this problem, users should upgrade to versions 6.2.16, 7.2.6 and 7.4.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-31228.
Read more Database
In Apache Hadoop versions 3.3.0 to 3.3.5 a medium severity vulnerability CVE-2024-23454 was detected. This vulnerability allows attackers to access sensitive data stored in the temporary directory, potentially exposing it to other local users on the system. To fix this issue, users should upgrade Apache Hadoop to version 3.3.6. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-23454.
Read more Data Analytics
In SQLite version 0.1.1 a critical severity vulnerability CVE-2024-46488 was detected. This vulnerability allows attackers to trigger a heap buffer overflow using a specially crafted file, potentially causing a system Denial of Service (DoS). To fix this issue, users should upgrade SQLite to version 0.1.3. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-46488.
Read more Database
In Grafana versions 8.5.0 up to 11.2.0 a medium severity vulnerability CVE-2024-8118 was detected. This vulnerability allows attackers with permission to write external alert instances to also write alert rules. To fix this issue, users must upgrade to versions 10.3.10, 10.4.9, 11.0.5, 11.1.6, or 11.2.1. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-8118.
Read more Data Analytics
In Grafana Plugin SDK versions before 0.249.0 a critical severity vulnerability CVE-2024-8986 was detected. This vulnerability allows attackers to access credentials if included in the repository URI, which becomes embedded in the final binary. To fix this issue, users must upgrade to version 0.250.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-8986.
Read more Data Analytics
In pgAdmin versions 8.11 and earlier a critical severity vulnerability in OAuth2 authentication CVE-2024-9014 was detected. This vulnerability allows attackers to potentially obtain the client ID and secret, leading to unauthorized access to user data. Currently there is no fix version for that issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-9014.
Read more Database
In Couchbase versions 7.6.x prior to 7.6.2, 7.2.x prior to 7.2.6 a medium severity vulnerability CVE-2024-25673 was detected. This vulnerability allows attackers to perform HTTP Host header injection, potentially leading to redirecting requests to malicious sites or influencing server-side logic based on manipulated host headers. Such attacks could compromise the integrity and security of the server. To fix this issue, users should upgrade Couchbase to versions 7.6.2, 7.2.6, or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-25673.
Read more Database