Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).

modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

Firejail does not properly clean environment variables, which allows local users to gain privileges.

The “Smart related articles” extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).

The “Smart related articles” extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).

The “Smart related articles” extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).