Lucene search
+L

412 matches found

BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.9 views

The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, relates to deficiencies in access control. This vulnerability allows a malicious actor to delete data from the KV Store (Key Value Store).

The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to deficiencies in access control to the KV Store Key Value Store. Exploiting this vulnerability could...

4.3CVSS5.4AI score0.00349EPSS
Exploits0References3Affected Software2
Fedora
Fedora
added 2024/10/16 1:34 a.m.30 views

[SECURITY] Fedora 39 Update: valkey-8.0.1-1.fc39

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS6.9AI score0.04495EPSS
Exploits1
Fedora
Fedora
added 2024/10/16 1:8 a.m.28 views

[SECURITY] Fedora 40 Update: valkey-8.0.1-1.fc40

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS7.1AI score0.04495EPSS
Exploits1
Fedora
Fedora
added 2024/10/15 3:23 p.m.19 views

[SECURITY] Fedora 41 Update: valkey-8.0.1-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS6.9AI score0.04495EPSS
Exploits1
OSV
OSV
added 2024/10/14 5:15 p.m.2 views

CVE-2024-45737

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...

3.5CVSS5.8AI score0.00214EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/14 5:3 p.m.19 views

CVE-2024-45737 Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...

4.3CVSS7AI score0.00214EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/14 5:3 p.m.26 views

CVE-2024-45737 Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...

4.3CVSS0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/14 12:0 a.m.7 views

Splunk Enterprise和Splunk Secure Gateway 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk...

4.3CVSS6.7AI score0.00349EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/14 12:0 a.m.8 views

PT-2024-7159 · Splunk · Splunk Cloud Platform +2

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.3 Splunk Enterprise versions prior to 9.1.6 Splunk Secure Gateway versions on Splunk Cloud Platform versions prior to 3.4.259 Splunk Secure Gateway versions on Splunk Cloud Platform versions prior to...

4.3CVSS6.7AI score0.00349EPSS
Exploits0References10
Fedora
Fedora
added 2024/10/12 1:52 a.m.21 views

[SECURITY] Fedora 39 Update: redis-7.2.6-1.fc39

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

8.8CVSS7.1AI score0.04495EPSS
Exploits1
Fedora
Fedora
added 2024/10/12 1:41 a.m.23 views

[SECURITY] Fedora 40 Update: redis-7.2.6-1.fc40

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

8.8CVSS7.1AI score0.04495EPSS
Exploits1
Cvelist
Cvelist
added 2024/10/03 12:0 a.m.26 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

0.01397EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/09/09 12:0 a.m.6 views

The vulnerability of the KV Service component in the Couchbase Server database management system for NoSQL databases allows attackers to disclose sensitive information.

The vulnerability of the KV Service component in the Couchbase Server database management system for NoSQL databases is related to insufficiently secure data encryption. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

3.1CVSS5.4AI score0.00158EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.5 views

LF Edge eKuiper 安全漏洞

LF Edge eKuiper is an edge lightweight IoT data analytics software from LF Edge open source. A security vulnerability exists in LF Edge eKuiper versions prior to 1.14.2, which originates from a user can leverage SQL injection to execute malicious SQL queries via the Get method in sqlKvStore...

8.8CVSS7.6AI score0.00894EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/07/26 12:0 a.m.3 views

Couchbase Server 安全漏洞

Couchbase Server is a distributed open source NoSQL non-relational database from Couchbase, Inc. in the United States. It supports data query, full-text search and active global replication. A security vulnerability exists in Couchbase Server versions prior to 7.2.5 and versions 7.6.0 through...

5.9CVSS6.7AI score0.00158EPSS
Exploits0References2
OSV
OSV
added 2024/07/22 8:15 p.m.5 views

CVE-2024-6122

An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.6 views

PT-2024-37398 · National Instruments · Ni Flexlogger +1

Name of the Vulnerable Software and Affected Versions: NI SystemLink Server versions prior to 2024 Q1 NI FlexLogger versions prior to 2023 Q2 Description: An issue with incorrect permissions in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may lead to...

5.5CVSS6.8AI score0.00239EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/06/12 10:54 a.m.25 views

CVE-2022-1941

A parsing vulnerability for the MessageSet type in the ProtocolBuffers can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input...

6.5CVSS6.7AI score0.01191EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/31 12:0 a.m.4 views

PT-2024-5971 · Couchbase · Couchbase Server

Name of the Vulnerable Software and Affected Versions: Couchbase Server versions prior to 7.2.5 Couchbase Server versions 7.6.0 through 7.6.0 Description: The issue is related to insufficient encryption of data in the Key-Value KV service of Couchbase Server. This could allow a remote attacker to...

5.9CVSS7AI score0.00158EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/05/23 3:28 p.m.64 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.5CVSS7.1AI score0.99999EPSS
Exploits20References10
Rows per page
Query Builder