Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836.

Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).

modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

Firejail does not properly clean environment variables, which allows local users to gain privileges.

Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.