ESAA-Security: An Event-Sourced, Verifiable Architecture for Agent-Assisted Security Audits of AI-Generated Code

AI-assisted software generation has increased development speed, but it has also amplified a persistent engineering problem: systems that are functionally correct may still be structurally insecure. In practice, prompt-based security review with large language models often suffers from uneven...

CVE-1999-0323

FreeBSD mmap function allows users to modify append-only or immutable files...

[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

EUVD-2010-2541

Malware in sbrugna...

EUVD-1999-0323

Malware in sbrugna...

EUVD-2010-2085

Malware in sbrugna...

redis-check-aof may lead to stack overflow and potential RCE

...

Zot IdP group membership revocation ignored

Summary The group data stored for users in the boltdb database meta.db is an append-list so group revocations/removals are ignored in the API. Details SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended. This may be due to some conflict with the grou...

PT-2025-4847 · Boltdb +2 · Boltdb +2

Name of the Vulnerable Software and Affected Versions: zot versions prior to 2.1.2 Description: The issue arises from the way group data is stored for users in the boltdb database, specifically as an append-list. This leads to group revocations or removals being ignored in the API. When a user lo...

SUSE CVE-2010-2066

The mextcheckarguments function in fs/ext4/moveextent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVEEXT ioctl call that specifies this file as a donor...

SUSE CVE-2010-2537

The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...

Multiple storage slot collisions between versions - due to different order in declaration

Lines of code Vulnerability details Impact If we list the sequence of how variables receive slots, we will see the failure to follow "append-only" principle. Many variable added "in-between" V2 version can read/write wrong slots. Proof of Concept Here is the table/list of variable, built taking...

CVE-2010-2537

The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...

Venafi to Launch Certificate Transparency Log

Three weeks after the first non-Google public log for Certificate Transparency was launched by DigiCert, officials at Venafi said that the company plans to debut its own public CT log. On Jan. 1 Google approved the use of DigiCert’s log, the first CT log that is independent and not operated by...

CVE-2010-2537

The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...

CVE-2010-2537

The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...

CVE-2010-2537

The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...

PT-2010-4090 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.35 Description: The issue allows local users to overwrite an append-only file. This can be achieved via a BTRFS IOC CLONE or BTRFS IOC CLONE RANGE ioctl call that specifies the append-only file as a donor...

Design/Logic Flaw

The mextcheckarguments function in fs/ext4/moveextent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVEEXT ioctl call that specifies this file as a donor...

CVE-2010-2066

The mextcheckarguments function in fs/ext4/moveextent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVEEXT ioctl call that specifies this file as a donor...