mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an “exceptional URL” in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.

Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.

SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.

Firejail does not restrict access to –tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.

A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.

Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).