412 matches found
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, relates to deficiencies in access control. This vulnerability allows a malicious actor to delete data from the KV Store (Key Value Store).
The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to deficiencies in access control to the KV Store Key Value Store. Exploiting this vulnerability could...
[SECURITY] Fedora 39 Update: valkey-8.0.1-1.fc39
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
[SECURITY] Fedora 40 Update: valkey-8.0.1-1.fc40
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
[SECURITY] Fedora 41 Update: valkey-8.0.1-1.fc41
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
CVE-2024-45737
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...
CVE-2024-45737 Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...
CVE-2024-45737 Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store KVStore through a...
Splunk Enterprise和Splunk Secure Gateway 安全漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk...
PT-2024-7159 · Splunk · Splunk Cloud Platform +2
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.3 Splunk Enterprise versions prior to 9.1.6 Splunk Secure Gateway versions on Splunk Cloud Platform versions prior to 3.4.259 Splunk Secure Gateway versions on Splunk Cloud Platform versions prior to...
[SECURITY] Fedora 39 Update: redis-7.2.6-1.fc39
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
[SECURITY] Fedora 40 Update: redis-7.2.6-1.fc40
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
CVE-2024-41592
DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...
The vulnerability of the KV Service component in the Couchbase Server database management system for NoSQL databases allows attackers to disclose sensitive information.
The vulnerability of the KV Service component in the Couchbase Server database management system for NoSQL databases is related to insufficiently secure data encryption. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...
LF Edge eKuiper 安全漏洞
LF Edge eKuiper is an edge lightweight IoT data analytics software from LF Edge open source. A security vulnerability exists in LF Edge eKuiper versions prior to 1.14.2, which originates from a user can leverage SQL injection to execute malicious SQL queries via the Get method in sqlKvStore...
Couchbase Server 安全漏洞
Couchbase Server is a distributed open source NoSQL non-relational database from Couchbase, Inc. in the United States. It supports data query, full-text search and active global replication. A security vulnerability exists in Couchbase Server versions prior to 7.2.5 and versions 7.6.0 through...
CVE-2024-6122
An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which...
PT-2024-37398 · National Instruments · Ni Flexlogger +1
Name of the Vulnerable Software and Affected Versions: NI SystemLink Server versions prior to 2024 Q1 NI FlexLogger versions prior to 2023 Q2 Description: An issue with incorrect permissions in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may lead to...
CVE-2022-1941
A parsing vulnerability for the MessageSet type in the ProtocolBuffers can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input...
PT-2024-5971 · Couchbase · Couchbase Server
Name of the Vulnerable Software and Affected Versions: Couchbase Server versions prior to 7.2.5 Couchbase Server versions 7.6.0 through 7.6.0 Description: The issue is related to insufficient encryption of data in the Key-Value KV service of Couchbase Server. This could allow a remote attacker to...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...