Lucene search
K

402 matches found

CNNVD
CNNVD
added 2025/11/28 12:0 a.m.6 views

Apache Kvrocks 安全漏洞

Apache Kvrocks is a distributed key-value NoSQL database from the Apache USA Foundation. Apache Kvrocks suffers from an elevation of privilege vulnerability that is caused by improper privilege management in the RESET command. An attacker can exploit this vulnerability to gain administrator...

5.4CVSS5.8AI score0.00356EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/11/27 12:0 a.m.7 views

CacheTrap: Injecting Trojans in LLMs without Leaving Any Traces in Inputs or Weights

Adversarial weight perturbation has emerged as a concerning threat to LLMs that either use training privileges or system-level access to inject adversarial corruption in model weights. With the emergence of innovative defensive solutions that place system- and algorithm-level checks and correctio...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/18 9:32 p.m.4 views

GHSA-7XCV-9J6C-2FMC Modular Max Serve has Unsafe Deserialization vulnerability

Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code...

9.3CVSS7.4AI score0.00297EPSS
Exploits1References8
Packet Storm News
Packet Storm News
added 2025/11/16 12:0 a.m.3 views

Whose Narrative Is It Anyway? A KV Cache Manipulation Attack

The Key ValueKV cache is an important component for efficient inference in autoregressive Large Language Models LLMs, but its role as a representation of the model's internal state makes it a potential target for integrity attacks. This paper introduces "History Swapping," a novel block-level...

6.3AI score
Exploits0
OSV
OSV
added 2025/11/06 12:49 p.m.2 views

BIT-CONSUL-2025-11374 Consul's KV endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS6.4AI score0.00399EPSS
Exploits0References2
OSV
OSV
added 2025/11/05 6:41 p.m.2 views

GO-2025-4081 Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul

Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul...

6.5CVSS6.9AI score0.00399EPSS
Exploits0References6
OSV
OSV
added 2025/10/28 9:30 p.m.3 views

GHSA-7G3R-8C6V-HFMR Consul key/value endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS6.8AI score0.00399EPSS
Exploits0References7
Snyk
Snyk
added 2025/10/28 9:30 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview github.com/hashicorp/consul/agent is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

7.1CVSS6.6AI score0.00399EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/10/28 9:30 p.m.14 views

Consul key/value endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS6.7AI score0.00399EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2025/10/28 9:15 p.m.3 views

CVE-2025-11374

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS0.00399EPSS
Exploits0References1
OSV
OSV
added 2025/10/28 9:15 p.m.1 views

DEBIAN-CVE-2025-11374

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS5.2AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2025/10/28 9:15 p.m.2 views

UBUNTU-CVE-2025-11374

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS5.8AI score0.00399EPSS
Exploits0References3
CVE
CVE
added 2025/10/28 8:19 p.m.17 views

CVE-2025-11374

CVE-2025-11374 affects HashiCorp Consul and Consul Enterprise, specifically the key/value endpoint, due to incorrect Content Length header validation leading to DoS. IBM’s security bulletin documents affected versions: Consul Community Edition 0.0.1–1.21.5 and Consul Enterprise 1.21.0–1.21.51.20....

6.5CVSS6.3AI score0.00399EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/10/28 8:19 p.m.12 views

CVE-2025-11374 Consul's KV endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS0.00399EPSS
Exploits0References1
OSV
OSV
added 2025/10/28 8:19 p.m.3 views

CVE-2025-11374 Consul's KV endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS6.6AI score0.00399EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/10/28 8:19 p.m.4 views

CVE-2025-11374

Consul and Consul Enterprise’s “Consul” key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This vulnerability, CVE-2025-11374, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

6.5CVSS5.2AI score0.00399EPSS
Exploits0
Fedora
Fedora
added 2025/10/25 9:17 p.m.8 views

[SECURITY] Fedora 43 Update: valkey-8.1.4-2.fc43

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.9CVSS7.1AI score0.86767EPSS
Exploits15
EUVD
EUVD
added 2025/10/15 1:23 a.m.5 views

EUVD-2017-18920

Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...

9.2CVSS8AI score0.00632EPSS
Exploits0References4
Fedora
Fedora
added 2025/10/13 2:4 a.m.6 views

[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.9CVSS7.1AI score0.86767EPSS
Exploits15
Fedora
Fedora
added 2025/10/13 12:42 a.m.6 views

[SECURITY] Fedora 42 Update: valkey-8.0.6-1.fc42

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.9CVSS7.1AI score0.86767EPSS
Exploits15
Rows per page
Query Builder