Firejail does not restrict access to –tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.

A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.

Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).

modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).