Yves Younan of Cisco Talos discovered several vulnerabilities in the
MXit protocol support in pidgin, a multi-protocol instant messaging
client. A remote attacker can take advantage of these flaws to cause a
denial of service (application crash), overwrite files, disclose
information, or potentially execute arbitrary code.
Monthly Archives: July 2016
Joomla Guru Pro SQL Injection
Joomla Guru Pro component suffers from a remote SQL injection vulnerability.
Red Hat Security Advisory 2016-1428-01
Red Hat Security Advisory 2016-1428-01 – Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: A security flaw was found in the way Dashbuilder performed SQL dataset lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via a specially crafted string filter parameter. This issue was discovered by David Gutierrez.
Red Hat Security Advisory 2016-1429-01
Red Hat Security Advisory 2016-1429-01 – Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. Security Fix: A security flaw was found in the way Dashbuilder performed SQL dataset lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via a specially crafted string filter parameter.
Red Hat Security Advisory 2016-1427-01
Red Hat Security Advisory 2016-1427-01 – OpenShift Enterprise by Red Hat is the company’s cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: The Kubernetes API server contains a watch cache that speeds up performance. Due to an input validation error, OpenShift Enterprise may return data for other users and projects when queried by a user. An attacker with knowledge of other project names could use this vulnerability to view their information.
Red Hat Security Advisory 2016-1425-01
Red Hat Security Advisory 2016-1425-01 – Nginx is a web and proxy server with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a newer upstream version: rh-nginx18-nginx. Security Fix: A NULL pointer dereference flaw was found in the nginx code responsible for saving a client request body to a temporary file. A remote attacker could send a specially crafted request that would cause an nginx worker process to crash.
Ubuntu Security Notice USN-3033-1
Ubuntu Security Notice 3033-1 – Hanno Boeck discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Marcin “Icewall” Noga discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Joomla Zh GoogleMap 8.1.2.0 Blind SQL Injection
Joomla Zh GoogleMap component version 8.1.2.0 suffers from a remote blind SQL injection vulnerability.
SAP xMII 15 Cross Site Scripting
SAP xMII version 15 suffers from a cross site scripting vulnerability.
SAP NetWeaver Enqueue Server 7.4 Denial Of Service
SAP NetWeaver Enqueue Server version 7.4 suffers from a denial of service vulnerability.