CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

Docker Moby /proc/scsi Path Exposure Allows Host Data Loss (SCSI MICDROP)

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

CVE-2009-5117

The CVE-2009-5117 entry concerns McAfee Host Data Loss Prevention (DLP) with its Web Post Protection feature. Versions 3.x prior to 3.0.100.10 and 9.x prior to 9.0.0.422, when HTTP Capture mode is enabled, may let local users obtain sensitive information from web traffic by reading unspecified fi...

CVE-2009-5117

The Web Post Protection feature in McAfee Host Data Loss Prevention DLP 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files...