402 matches found
Apache Kvrocks 安全漏洞
Apache Kvrocks is a distributed key-value NoSQL database from the Apache USA Foundation. Apache Kvrocks suffers from an elevation of privilege vulnerability that is caused by improper privilege management in the RESET command. An attacker can exploit this vulnerability to gain administrator...
CacheTrap: Injecting Trojans in LLMs without Leaving Any Traces in Inputs or Weights
Adversarial weight perturbation has emerged as a concerning threat to LLMs that either use training privileges or system-level access to inject adversarial corruption in model weights. With the emergence of innovative defensive solutions that place system- and algorithm-level checks and correctio...
GHSA-7XCV-9J6C-2FMC Modular Max Serve has Unsafe Deserialization vulnerability
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code...
Whose Narrative Is It Anyway? A KV Cache Manipulation Attack
The Key ValueKV cache is an important component for efficient inference in autoregressive Large Language Models LLMs, but its role as a representation of the model's internal state makes it a potential target for integrity attacks. This paper introduces "History Swapping," a novel block-level...
BIT-CONSUL-2025-11374 Consul's KV endpoint is vulnerable to denial of service
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
GO-2025-4081 Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul
Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul...
GHSA-7G3R-8C6V-HFMR Consul key/value endpoint is vulnerable to denial of service
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
Allocation of Resources Without Limits or Throttling
Overview github.com/hashicorp/consul/agent is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...
Consul key/value endpoint is vulnerable to denial of service
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
CVE-2025-11374
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
DEBIAN-CVE-2025-11374
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
UBUNTU-CVE-2025-11374
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
CVE-2025-11374
CVE-2025-11374 affects HashiCorp Consul and Consul Enterprise, specifically the key/value endpoint, due to incorrect Content Length header validation leading to DoS. IBM’s security bulletin documents affected versions: Consul Community Edition 0.0.1–1.21.5 and Consul Enterprise 1.21.0–1.21.51.20....
CVE-2025-11374 Consul's KV endpoint is vulnerable to denial of service
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
CVE-2025-11374 Consul's KV endpoint is vulnerable to denial of service
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
CVE-2025-11374
Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
[SECURITY] Fedora 43 Update: valkey-8.1.4-2.fc43
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
EUVD-2017-18920
Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...
[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
[SECURITY] Fedora 42 Update: valkey-8.0.6-1.fc42
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...