Ubuntu Security Notice 2733-1 – It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.
Monthly Archives: September 2015
Ubuntu Security Notice USN-2734-1
Ubuntu Security Notice 2734-1 – It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.
Ubuntu Security Notice USN-2732-1
Ubuntu Security Notice 2732-1 – Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.
Yahoo! Messenger 11.5.0.228 Buffer Overflow
Multiple buffer overflow vulnerabilities have been identified in Yahoo! Messenger versions 11.5.0.228 and below.
EMC Documentum Content Server Privilege Escalation
EMC Documentum Content Server includes a privilege escalation vulnerability that could potentially be exploited by malicious, regular users to perform certain actions as the superuser. Unprivileged Content Server users may potentially escalate their privileges to become a superuser by creating and performing malicious operations on dm_job objects. This is due to improper authorization checks being performed on such objects and some of their attributes. The previous fix for CVE-2014-4626 was incomplete. Versions 7.2 and below are affected.
Zhone ADSL2+ 4P Authentication Bypass / Information Disclosure
Zhone ADSL2+ 4P bridge and router suffers from authentication bypass and information disclosure vulnerabilities.
Checkmarx CxQL 7.1.5 Sandbox Bypass
Checkmarx CxQL versions 7.1.5 and below suffer from a sandbox bypass vulnerability.
Avaya one-X Agent 2.5 SP2 Cryptography Issues
Avaya one-X Agent version 2.5 SP2 uses a hard-coded key and has various issues in its use of cryptography.
OpenDocMan 1.3.2 Cross Site Scripting
OpenDocMan version 1.3.2 suffers from a cross site scripting vulnerability.