Lucene search
K

1226 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-38941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug exists in the Btrfs file system where the kernel may crash if the file system switches to read-only RO mode during a read-repair operation. This occurs when a critical error, such ...

5.5CVSS5.4AI score0.00117EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flip...

5.5CVSS6AI score0.00117EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.12 views

Root-Cause-Driven Automated Vulnerability Repair

Recent LLM-based systems have made automated vulnerability repair increasingly practical, but two challenges remain. First, without strong signals about where a bug originates, repair agents drift toward shallow edits that silence the observed failure while leaving the underlying defect unresolve...

5.9AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/04 5:28 p.m.7 views

org.apache.atlas:atlas-catalog (>=0.8-incubating <=0.8.4), org.apache.atlas:atlas-index-repair-tool (>=2.2.0 <=2.4.0) +2 more potentially affected by CVE-2026-40563 via org.apache.atlas:atlas-repository (>=0.8-incubating <=2.4.0)

org.apache.atlas:atlas-repository MAVEN version =0.8-incubating, =0.8-incubating, =2.2.0, =0.8.3, =0.8-incubating, =2.4.0 Source cves: CVE-2026-40563 Source advisory: SNYK:JAVA-ORGAPACHEATLAS-16422860...

8.1CVSS5.8AI score0.00464EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/03 12:0 a.m.6 views

VulKey: Automated Vulnerability Repair Guided by Domain-Specific Repair Patterns

The increasing prevalence of software vulnerabilities highlights the need for effective Automatic Vulnerability Repair AVR tools. While LLM-based approaches are promising, they struggle to incorporate structured security knowledge from sources like CWE and NVD. Current methods either use this...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.20 views

SUSE CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS5.8AI score0.00383EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-33608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to...

9.8CVSS5.8AI score0.00383EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 3:31 p.m.7 views

EUVD-2026-24945

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

7.4CVSS5.8AI score0.00383EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 2:16 p.m.4 views

DEBIAN-CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS5.3AI score0.00383EPSS
Exploits0References1
NVD
NVD
added 2026/04/22 2:16 p.m.4 views

CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS0.00383EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/22 2:0 p.m.3 views

CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS5.8AI score0.00383EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/22 2:0 p.m.4 views

CVE-2026-33608 Incomplete domain name sanitization during

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

7.4CVSS5.8AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/22 2:0 p.m.34 views

CVE-2026-33608 Incomplete domain name sanitization during

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

7.4CVSS0.00383EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/22 2:0 p.m.4 views

CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS5.3AI score0.00383EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34445

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

7.4CVSS5.8AI score0.00383EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/04/22 12:0 a.m.11 views

Towards Secure Logging: Characterizing and Benchmarking Logging Code Security Issues with LLMs

Logging code plays an important role in software systems by recording key events and behaviors, which are essential for debugging and monitoring. However, insecure logging practices can inadvertently expose sensitive information or enable attacks such as log injection, posing serious threats to...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/20 12:0 a.m.20 views

ARES: Adaptive Red-Teaming and End-To-End Repair of Policy-Reward System

Reinforcement Learning from Human Feedback RLHF is central to aligning Large Language Models LLMs, yet it introduces a critical vulnerability: an imperfect Reward Model RM can become a single point of failure when it fails to penalize unsafe behaviors. While existing red-teaming approaches...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Lenovo Software Fix 安全漏洞

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification. This vulnerability may allow locally authenticated users to execute arbitrary code with elevated privileges...

8.5CVSS6.2AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 1:22 a.m.6 views

CVE-2026-36947

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/viewservice.php...

2.7CVSS5.9AI score0.0022EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/14 1:22 a.m.6 views

CVE-2026-36946

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/viewdetails.php...

2.7CVSS5.8AI score0.00284EPSS
Exploits1References1
Rows per page
Query Builder