Lucene search
+L

412 matches found

Fedora
Fedora
added 2025/05/03 1:11 a.m.11 views

[SECURITY] Fedora 40 Update: valkey-8.0.3-1.fc40

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

7.5CVSS7.4AI score0.00843EPSS
Exploits0
Fedora
Fedora
added 2025/05/03 1:11 a.m.16 views

[SECURITY] Fedora 40 Update: redis-7.2.8-1.fc40

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

7.5CVSS7.4AI score0.00843EPSS
Exploits0
Snyk
Snyk
added 2025/05/02 3:31 p.m.2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure when validating malformed payloads in the Validate function used by the KV v2 plugin. If payloads containing secrets are sent in creation or update requests to the REST API and caught by the validator, their content...

6.7CVSS6.9AI score0.00335EPSS
Exploits0References2
CVE
CVE
added 2025/05/02 2:57 p.m.500 views

CVE-2025-4166

CVE-2025-4166 affects Vault Community and Vault Enterprise KV v2 plugin. When handling malformed payloads during secret create/update via the Vault REST API, servers/audit logs may leak sensitive information due to error message content. The issue is fixed in Vault Community 1.19.3 and Vault Ente...

6.5CVSS4.6AI score0.00335EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2025/05/02 2:57 p.m.9 views

CVE-2025-4166

Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...

6.5CVSS6.8AI score0.00335EPSS
Exploits0
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2025/05/02 2:53 p.m.6 views

Vault May Expose Sensitive Information in Error Logs When Processing Malformed Data With the KV v2 Plugin

Summary Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as...

6.5CVSS6.3AI score0.00335EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.6 views

PT-2025-18795 · Hashicorp +1 · Vault Community +3

Name of the Vulnerable Software and Affected Versions: Vault Community versions prior to 1.19.3 Vault Enterprise versions prior to 1.19.3, 1.18.9, 1.17.16, 1.16.20 Description: The Key/Value kv Version 2 plugin in Vault Community and Vault Enterprise may unintentionally expose sensitive informati...

7.8CVSS4.4AI score0.00335EPSS
Exploits0References20
Packet Storm News
Packet Storm News
added 2025/04/29 12:0 a.m.23 views

CachePrune: Neural-Based Attribution Defense against Indirect Prompt Injection Attacks

Large Language Models LLMs are identified as being susceptible to indirect prompt injection attack, where the model undesirably deviates from user-provided instructions by executing tasks injected in the prompt context. This vulnerability stems from LLMs' inability to distinguish between data and...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/26 6:11 a.m.13 views

CVE-2025-29045

Buffer Overflow vulnerability in ALFACAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newaptext0 key value...

9.8CVSS8AI score0.00938EPSS
Exploits1References1
Akamai Blog
Akamai Blog
added 2025/04/22 10:20 a.m.7 views

Routing in Spin Apps with Hono

Learn how to use Hono to build full-fledged HTTP APIs with Spin and TypeScript, including middleware, route parameters, and key-value store integration...

5.8AI score
Exploits0
Fedora
Fedora
added 2025/04/21 4:47 p.m.11 views

[SECURITY] Fedora 41 Update: rust-litemap-0.7.3-5.fc41

A key-value Map implementation based on a flat, sorted Vec...

7.3AI score
Exploits0
Fedora
Fedora
added 2025/04/21 1:41 a.m.8 views

[SECURITY] Fedora 40 Update: rust-litemap-0.7.3-5.fc40

A key-value Map implementation based on a flat, sorted Vec...

7.3AI score
Exploits0
Fedora
Fedora
added 2025/04/20 4:23 a.m.8 views

[SECURITY] Fedora 42 Update: rust-litemap-0.7.3-5.fc42

A key-value Map implementation based on a flat, sorted Vec...

7.3AI score
Exploits0
OSV
OSV
added 2025/04/17 3:15 p.m.6 views

CVE-2025-29045

Buffer Overflow vulnerability in ALFACAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newaptext0 key value...

9.8CVSS6.1AI score0.00938EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/04/17 12:0 a.m.9 views

CVE-2025-29042

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c...

7.9AI score0.01563EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/04/17 12:0 a.m.29 views

CVE-2025-29045

Buffer Overflow vulnerability in ALFACAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newaptext0 key value...

0.00938EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/17 12:0 a.m.36 views

CVE-2025-29042

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c...

0.01563EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.8 views

The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, arises from deficiencies in access control. This vulnerability allows an attacker to gain read, modify, or delete access to data stored in the KV Store (Key Value Store).

The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read,...

4.3CVSS5.5AI score0.003EPSS
Exploits0References2Affected Software2
NCSC
NCSC
added 2025/03/27 9:18 a.m.51 views

Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform

Splunk fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform The vulnerabilities allow low-privileged users to abuse higher user privileges, which can lead to unauthorized actions and access to sensitive information. This can occur through phishing attacks and Cross-Site Request...

8.7CVSS6.8AI score0.13987EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/03/26 10:24 p.m.26 views

CVE-2025-20230 Missing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could edit and delete other user data in App Key Value...

4.3CVSS0.003EPSS
Exploits0References1
Rows per page
Query Builder