Nexus 9 running Android version 7.1.1 build N4F26Q and below allows unauthorized access to the FIQ debugger via its headphones jack, which allows for information theft, weakening of ASLR, leaking of stack canaries, and more.
d9c74cae1b9537b3016fd597e2a6df39187b9c1c8e8133af3e28c32dcef00b7e
Ubuntu Security Notice 3230-1 - It was discovered that Pillow incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Cris Neckar discovered that Pillow incorrectly handled certain malformed images. A remote attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
4567359cee610c1b04db446afb56c869241835ed35475927c8df05f4fa248e88
Ubuntu Security Notice 3229-1 - It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
566781995fa869e79dd291a7fae8254b49124816bd9cda1d033a34a25f9cea04
Ubuntu Security Notice 3228-1 - Guido Vranken discovered that libevent incorrectly handled memory when processing certain data. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of service, or possibly execute arbitrary code.
386971fbf66a883ec79bf7a421b0fe0ebe1c725661d1c3a697d7254f90775ab1
Ubuntu Security Notice 3227-1 - It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
6c4f28c6df9553b4c737b8e41f4ace509dad9353d16efcc3966e4c00b414e8c0
Ubuntu Security Notice 3226-1 - Jerzy Kramarz discovered that icoutils incorrectly handled memory when processing certain files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause icoutils to crash, resulting in a denial of service, or possibly execute arbitrary code.
5d8f243dda8eeff262a9f453247a19a85687fd90f5858df517932e3b8cc6ac25
There is a security issue in VirtualBox in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to the whole filesystem of the host, at least on Linux hosts.
c9f9eb8f4f8c3c50564214f6ac29d40c1b3dcef3b36d17d859679d3dfbc1e023
Cerberus FTP Server version 8.0.10.1 suffers from a denial of service vulnerability.
9c7ca7860f3b891f186dc4c0f21ba4c571a143454f849a5b61bc80961d8d46ec
Joomla ALFContact component version 3.2.3 suffers from a remote SQL injection vulnerability.
2de83a11c1919fe15411eba3dbfba8be15072b09df5b908133a06641346e7147
Whitepaper discussing local file disclosure attacks via remote SQL injection.
940d4b6633aae1d9c2af7031f2faf416054ec79ee99ea8bae458b1ec6d9ba112
rldns is an open source lightweight DNS server for linux, netbsd, freebsd, and openbsd. Runs on x86 and x86_64 architectures.
c71120177f5b183bcef952217dff5bd599a68f725f3425068bd2537d987c5c04
Car Workshop System suffers from a remote SQL injection vulnerability.
5dba205b31cc50082a8779bfa1dbba9da5c1fd532023bcd7798557a3a6ca03cc