CVE-2025-68803

A flaw was found in the Linux kernel's NFSv4 server implementation. When an NFSv4 client creates a file and specifies an ACL with named principals, the server fails to apply the requested ACL. The nfsdcreatesetattr function checks only for iattr changes and security labels but not POSIX ACLs,...

CVE-2023-1250 Code execution through ACL creation

Improper Input Validation vulnerability in OTRS AG OTRS ACL modules, OTRS AG OTRS Community Edition ACL modules allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL-names This issue affects OTRS: from 7.0...