Several vulnerabilities have been discovered in the chromium web browser.

Several vulnerabilities were discovered in qemu, a fast processor
emulator.

Pyry Hakulinen and Ashish Shakla at Automattic discovered that pdns,
an authoritative DNS server, was incorrectly processing some DNS
packets; this would enable a remote attacker to trigger a DoS by
sending specially crafted packets causing the server to crash.

Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware.

Hanno Boeck discovered that incorrect validation of DNSSEC-signed records
in the Bind DNS server could result in denial of service.

Several vulnerabilities were discovered in Drupal, a content management
framework:

Multiple security issues have been found in Iceweasel, Debian’s version
of the Mozilla Firefox web browser. The Common Vulnerabilities and
Exposures project identifies the following problems:

Multiple vulnerabilities have been discovered in the PHP language:

James Kettle, Alain Tiemblo, Christophe Coevoet and Fabien Potencier
discovered that twig, a templating engine for PHP, did not correctly
process its input. End users allowed to submit twig templates could
use specially crafted code to trigger remote code execution, even in
sandboxed templates.

Loren Maggiore of Trail of Bits discovered that the 3GP parser of VLC, a
multimedia player and streamer, could dereference an arbitrary pointer
due to insufficient restrictions on a writable buffer. This could allow
remote attackers to execute arbitrary code via crafted 3GP files.