Raritan PowerIQ versions 4.1, 4.2, and 4.3 ship with a Rails 2 web interface that uses a hardcoded session secret. The secret can be used to achieve unauthenticated remote code execution as the nginx user on vulnerable systems.
Monthly Archives: March 2015
WordPress Huge IT Slider 2.6.8 SQL Injection
WordPress Huge IT Slider plugin version 2.6.8 suffers from multiple remote SQL injection vulnerabilities.
Ubuntu Security Notice USN-2525-1
Ubuntu Security Notice 2525-1 – It was discovered that the Linux kernel’s Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.
Ubuntu Security Notice USN-2527-1
Ubuntu Security Notice 2527-1 – It was discovered that the Linux kernel’s Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.
Ubuntu Security Notice USN-2526-1
Ubuntu Security Notice 2526-1 – It was discovered that the Linux kernel’s Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.
Ubuntu Security Notice USN-2530-1
Ubuntu Security Notice 2530-1 – It was discovered that the Linux kernel’s Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.
Ubuntu Security Notice USN-2528-1
Ubuntu Security Notice 2528-1 – It was discovered that the Linux kernel’s Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.
Ubuntu Security Notice USN-2529-1
Ubuntu Security Notice 2529-1 – It was discovered that the Linux kernel’s Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.