InfoQ Homepage CVE Content on InfoQ

News

RSS Feed

Development

Redis Critical Remote Code Execution Vulnerability Discovered after 13 Years

Redis recently released a security advisory regarding CVE-2025-49844. This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute remote code on older versions of Redis and Valkey with Lua scripting enabled. Developers are urged to upgrade to patched releases as soon as possible.

Renato Losio
on Nov 08, 2025
Development

Goodbye CVE? European Vulnerability Database EUVD Now Live

The European Union Agency for Cybersecurity (ENISA) has recently launched the beta of the European Vulnerability Database (EUVD), a new public platform operating alongside, but independently from, the widely used Common Vulnerabilities and Exposures (CVE) system. The new platform aims to improve coordination and transparency in vulnerability handling within the EU.

Renato Losio
on Jun 03, 2025
Development

Cloudflare Application Security Report Highlights Surge in DDoS Attacks and CVE Exploits

Cloudflare recently released its 2024 Application Security Report, offering recommendations and insights on addressing many raised concerns. A key finding of the report is the increase in malicious traffic, driven by geopolitical events and voting seasons.

Renato Losio
on Jul 31, 2024
Development

Cloudflare, Google and AWS Disclose HTTP/2 Zero-Day Vulnerability

On October 10th, Cloudflare, Google, and AWS disclosed a novel zero-day vulnerability attack known as the "HTTP/2 Rapid Reset." This attack exploits a weakness in the HTTP/2 protocol to generate enormous Distributed Denial of Service (DDoS) attacks, up to almost 400 million requests per second (rps).

Renato Losio
on Nov 05, 2023

Unlock the full InfoQ experience

Don't have an InfoQ account?

Topics

How to Use Apache Spark to Craft a Multi-Year Data Regression Testing and Simulations Framework

Scaling Cloud and Distributed Applications: Lessons and Strategies

GenAI Security: Defending Against Deepfakes and Automated Social Engineering

Empathy Driven Platforms: You Build It, Let’s Run It Together

Hybrid Cloud-Native Networking in Enterprise - Some Assembly Required

Helpful links

Choose your language

News

Redis Critical Remote Code Execution Vulnerability Discovered after 13 Years

Goodbye CVE? European Vulnerability Database EUVD Now Live

Cloudflare Application Security Report Highlights Surge in DDoS Attacks and CVE Exploits

Cloudflare, Google and AWS Disclose HTTP/2 Zero-Day Vulnerability

Lessons Learned in Migrating to Micro-Frontends by Luca Mezzalira at QCon SF

How to Use Apache Spark to Craft a Multi-Year Data Regression Testing and Simulations Framework

Rust at the Core: Accelerating Polyglot SDK Development by Spencer Judge at QCon SF 2025

Grab Adds Real-Time Data Quality Monitoring to Its Platform

Karrot Improves Conversion Rates by 70% with New Scalable Feature Platform on AWS

Scaling Cloud and Distributed Applications: Lessons and Strategies

Growing Yourself as a Software Engineer, Using AI to Develop Software

Empathy Driven Platforms: You Build It, Let’s Run It Together

Authenticity Over Convention: Lessons from 16 Years of Solo Game Development

Memori Expands into a Full-Scale Memory Layer for AI Agents across SQL and MongoDB

How Discord Scaled its ML Platform from Single-GPU Workflows to a Shared Ray Cluster

GenAI Security: Defending Against Deepfakes and Automated Social Engineering

Hybrid Cloud-Native Networking in Enterprise - Some Assembly Required

NVIDIA Dynamo Addresses Multi-Node LLM Inference Challenges

System Initiative Unveils Expansion with Real-Time Multi-Cloud Discovery and Automation

QCon AI New York

QCon London

QCon AI Boston

InfoQ Software Architects' Newsletter

News