411 matches found
CVE-2025-11374 Consul's KV endpoint is vulnerable to denial of service
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
[SECURITY] Fedora 43 Update: valkey-8.1.4-2.fc43
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
EUVD-2017-18920
Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...
[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
[SECURITY] Fedora 42 Update: valkey-8.0.6-1.fc42
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
EUVD-2014-3170
Malware in sbrugna...
EUVD-2019-11493
Malware in sbrugna...
EUVD-2018-1004
Malware in sbrugna...
EUVD-2020-6320
Malware in sbrugna...
EUVD-2024-36402
Malicious code in bioql PyPI...
EUVD-2022-47485
Malicious code in bioql PyPI...
EUVD-2023-1807
Malicious code in bioql PyPI...
EUVD-2023-1281
Malicious code in bioql PyPI...
EUVD-2023-1459
Malicious code in bioql PyPI...
RLSA-2025:11401 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
GHSA-93MF-426M-G6X9 CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion
Summary The CoreDNS etcd plugin contains a TTL confusion vulnerability where lease IDs are incorrectly used as TTL values, enabling cache pinning for very long periods. This can effectively cause a denial of service for DNS updates/changes to affected services. Details In plugin/etcd/etcd.go, the...
Linux Distros Unpatched Vulnerability : CVE-2019-25043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a string index out of range error and worker-process crash for a Cookie: =abc...
Malicious code in key_value_model (npm)
The package keyvaluemodel was found to contain malicious code...
Shadow in the Cache: Unveiling and Mitigating Privacy Risks of KV-Cache in LLM Inference
The Key-Value KV cache, which stores intermediate attention computations Key and Value pairs to avoid redundant calculations, is a fundamental mechanism for accelerating Large Language Model LLM inference. However, this efficiency optimization introduces significant yet underexplored privacy risk...
Selective KV-Cache Sharing to Mitigate Timing Side-Channels in LLM Inference
Global KV-cache sharing has emerged as a key optimization for accelerating large language model LLM inference. However, it exposes a new class of timing side-channel attacks, enabling adversaries to infer sensitive user inputs via shared cache entries. Existing defenses, such as per-user isolatio...