Apple Security Advisory 2016-10-24-1 – iOS 10.1 is now available and addresses information leaks, code execution, and various other vulnerabilities.
Monthly Archives: October 2016
Apple macOS 10.12.1 / iOS 10 SecureTransport SSL Handshake MitM / DoS
Apple macOS version 10.12.1 and iOS version 10 suffer from man-in-the-middle and denial of service issues with SecureTransport SSL handshakes.
Microsoft Windows x86 NDISTAPI Privilege Escalation
Microsoft Windows x86 NDISTAPI privilege escalation exploit that leverages the vulnerability outlined in MS11-062.
Red Hat Security Advisory 2016-2098-01
Red Hat Security Advisory 2016-2098-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
Debian Security Advisory 3698-1
Debian Linux Security Advisory 3698-1 – Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
Ubuntu Security Notice USN-3107-2
Ubuntu Security Notice 3107-2 – It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
Orange Inventel LiveBox 5.08.3-sp Cross Site Request Forgery
Orange Inventel LiveBox version 5.08.3-sp suffers from a cross site request forgery vulnerability.
EC-CUBE 2.12.6 Server-Side Request Forgery
EC-CUBE version 2.12.6 suffers from a server-side request forgery vulnerability.
Zenbership 107 Cross Site Request Forgery / Cross Site Scripting
Zenbership version 1.07 suffers from cross site request forgery and cross site scripting vulnerabilities.
Cisco Releases Security Update
Original release date: October 24, 2016
Cisco has released a security update to address a vulnerability in its Cisco WebEx Meetings Player. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.