I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

This Metasploit module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the core of Joomla. Triggering the SQL injection makes it possible to retrieve active Super User sessions. The cookie can be used to login to the Joomla administrator backend. By creating a new template file containing our payload, remote code execution is made possible.

ZTE ADSL ZXV10 W300 modems suffer from insufficient authorization controls, information disclosure, and a backdoor account feature.

ZTE ZXHN H108N R1A and ZXV10 W300 routers suffer from path traversal, information disclosure, improper authorization, and hard-coded credential vulnerabilities.

Atlassian Bamboo remote code execution exploit that leverages the java deserialization vulnerability as noted in CVE-2015-6576.

Debian Linux Security Advisory 3400-1 – Roman Fiedler discovered a directory traversal flaw in LXC, the Linux Containers userspace tools. A local attacker with access to a LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container.