6 matches found
CVE-2025-44021
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
PT-2022-12968 · Xnio +1
Name of the Vulnerable Software and Affected Versions: XNIO versions prior to 3.x Description: A flaw was found in XNIO, specifically in the notifyReadClosed method, which was logging a message to another expected end. This issue allows an attacker to send flawed requests to a server, possibly...
DEBIAN-CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
[Opera 7] Arbitrary File Auto-Saved Vulnerability.
TITLE : Opera 7 Arbitrary File Auto-Saved Vulnerability. -= For Whom The Remote Customizing Runs? =- PRODUCT : Opera 7 for Windows VERSIONS : 7.22 build 3221 JP:build 3222 7.21 build 3218 JP:build 3219 7.20 build 31...
Problem in SSH with Kerberos
When Kerberos authentication is used, the user's ticket is stored in a file named "none" in the current directory rather than in /tmp. If the current directory is on a network drive, the ticket may be intercepted in transit and the user's account compromised...