CVE-2016-6349

The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command...

Swift: unauthorized deletion of versioned Swift object

A flaw was found in OpenStack Object Storage that could allow an authenticated user to delete the most recent version of a versioned object regardless of ownership. To exploit this flaw, an attacker must know the name of the object and have listing access to the x-versions-location container...