Red Hat Enterprise Linux: Updated cockpit packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7 Extras.
Monthly Archives: June 2016
SugarCRM 6.5.23 SugarRestSerialize.php PHP Object Injection
SugarCRM versions 6.5.23 and below suffer from a PHP object injection vulnerability.
SugarCRM 6.5.18 fopen() Command Injection / XSS / SSRF
SugarCRM versions 6.5.18 and below use fopen() insecurely in MySugar::addDashlet, which can lead to command injection, cross site scripting, and server-side request forgery.
SugarCRM 6.5.18 PHP Code Injection
SugarCRM versions 6.5.18 and below suffer from two PHP code injection vulnerabilities.
SugarCRM 6.5.18 Missing Authorization
SugarCRM versions 6.5.18 and below suffer from a missing authorization check vulnerability.
SugarCRM 6.5.18 SAML Authentication XML External Entity
SugarCRM versions 6.5.18 CE and below suffer from a SAML authentication XML external entity vulnerability.
Mandos Encrypted File System Unattended Reboot Utility 1.7.10
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
Red Hat Security Advisory 2016-1301-01
Red Hat Security Advisory 2016-1301-01 – The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a newer upstream version: kernel-rt.
Red Hat Security Advisory 2016-1333-01
Red Hat Security Advisory 2016-1333-01 – Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for JGroups package in Red Hat JBoss Enterprise Application Platform 7.0. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
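The flaw class named in this advisory, an authentication layer that validated a header when one was present but let a message with no header through, is illustrated below. This is an added, constructed example and not JGroups or JBoss code: the message format, the AUTH layer, the shared cluster secret and the sample join requests are all invented for the illustration.

```python
"""Constructed illustration of an AUTH protocol layer that forgets to
require its own header. Not JGroups code; every name here is invented."""
import hashlib
import hmac
from dataclasses import dataclass, field

# Assumed pre-shared cluster secret (constructed for the example).
CLUSTER_SECRET = b"constructed-cluster-secret"


@dataclass
class Message:
    sender: str
    payload: bytes
    headers: dict = field(default_factory=dict)


def auth_token(msg: Message) -> str:
    """HMAC over sender and payload; the value a legitimate member puts in AUTH."""
    data = msg.sender.encode() + b"|" + msg.payload
    return hmac.new(CLUSTER_SECRET, data, hashlib.sha256).hexdigest()


def add_auth_header(msg: Message) -> Message:
    """What a legitimate member's outbound AUTH layer does."""
    msg.headers["AUTH"] = auth_token(msg)
    return msg


def auth_up_vulnerable(msg: Message) -> bool:
    """Flawed inbound check: only verifies the token if the header exists,
    so a joiner that simply omits the header is accepted."""
    token = msg.headers.get("AUTH")
    if token is None:
        return True  # the bug: absence of the header is treated as success
    return hmac.compare_digest(token, auth_token(msg))


def auth_up_fixed(msg: Message) -> bool:
    """Hardened inbound check: the header is mandatory, and it must verify."""
    token = msg.headers.get("AUTH")
    if token is None:
        return False
    return hmac.compare_digest(token, auth_token(msg))


def accepted_joins(check, msgs) -> list:
    """Run each inbound message through the AUTH layer; return accepted senders."""
    return [m.sender for m in msgs if check(m)]


def sample_traffic() -> list:
    """Constructed inbound traffic: one real member, two rogue joiners."""
    member = add_auth_header(Message("node-a", b"JOIN"))
    rogue_no_header = Message("rogue-1", b"JOIN")  # sends no AUTH header at all
    rogue_forged = Message("rogue-2", b"JOIN", {"AUTH": "00" * 32})  # wrong token
    return [member, rogue_no_header, rogue_forged]


if __name__ == "__main__":
    traffic = sample_traffic()
    print("vulnerable accepts:", accepted_joins(auth_up_vulnerable, traffic))
    print("fixed accepts:     ", accepted_joins(auth_up_fixed, traffic))
```

The vulnerable layer admits node-a and rogue-1 (the joiner that sent no header), while the fixed layer admits only node-a; the forged token is rejected by both. The general lesson is that a protocol layer which enforces a security property must treat a missing header as a failure, not as "nothing to check".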
Red Hat Security Advisory 2016-1277-01
Red Hat Security Advisory 2016-1277-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages address several security issues and numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory.