EMC ViPR SRM versions prior to 3.7 suffer from multiple cross site request forgery vulnerabilities.

Oliver versions 1.3.0 and 1.3.1 suffer from reflective cross site scripting vulnerabilities.

SAP HANA version 102.02 suffers from a denial of service vulnerability.

SAP NetWeaver J2EE Engine version 7.40 suffers from a cross site scripting vulnerability.

HP Security Bulletin HPSBST03576 2 – A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HP P9000 and HP XP7 Command View Advanced Edition (CVAE) Suite including Device Manager and Tiered Storage Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 2 of this advisory.

Red Hat Security Advisory 2016-0561-02 – In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 will be retired on March 31, 2017, at the end of Production Phase 3. Until that date, customers will continue to receive Critical impact security patches and selected urgent priority bug fixes for RHEL 5.11. On that date, active support included with your RHEL Premium or Standard subscription will conclude. This means that customers will continue to have access to all previously released content.

HP Security Bulletin HPSBMU03575 1 – HP Smart Update Manager (SUM) has addressed the following vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as “DROWN”, which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.

Ubuntu Security Notice 2917-3 – USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. Various other issues were also addressed.

HP Security Bulletin HPSBGN03555 1 – Potential security vulnerabilities have been identified with HPE Vertica Analytics Management Console. The vulnerabilities could be remotely exploited resulting in disclosure of sensitive information or execution of arbitrary code with root privileges. Revision 1 of this advisory.