Redis has eloquently explained how it can be used for remote command execution if not securely configured to mitigate arbitrary access.
HP Security Bulletin HPSBGN03426 1 - A potential security vulnerability has been identified with HP Mobility Software (MSM). This is the GNU C Library (glibc) vulnerability known as "GHOST" which could be exploited remotely resulting in execution of arbitrary code. Revision 1 of this advisory.
Debian Linux Security Advisory 3355-2 - The previous update for libvdpau, DSA-3355-1, introduced a regression in the stable distribution (jessie) causing a segmentation fault when the DRI_PRIME environment variable is set.
HP Security Bulletin HPSBMU03518 1 - A potential security vulnerability has been identified with HP Vertica. The vulnerability could be exploited remotely resulting in code execution. Revision 1 of this advisory.
Debian Linux Security Advisory 3390-1 - It was discovered that the code to validate level 2 page table entries is bypassed when certain conditions are satisfied. A malicious PV guest administrator can take advantage of this flaw to gain privileges via a crafted superpage mapping.
Gentoo Linux Security Advisory 201511-1 - An attacker who already had access to the environment could append values to parameters passed through programs. Versions less than 50c are affected.
A vulnerability has been discovered in the TR-069 protocol that can potentially affect all Automatic Configuration Servers (ACS). The issue has been fixed in the Home Device Manager (HDM) product from Alcatel-Lucent with an anti-spoofing filter. HDM allows service providers to remotely manage CPEs, such as residential gateways, IP set-top boxes, and VoIP terminal adapters that comprise a home networking environment. The vulnerability allows an attacker to perform impersonation attacks by spoofing a CPE using the TR-069 (CWMP) protocol. An attacker could gain unauthorized access to third-party SIP credentials for the spoofed device and perform illegal activities (phone fraud). The vulnerability has been tested and confirmed. Versions prior to 4.1.10 may be affected.
Chyrp CMS version 2.5.2 suffers from a cross site scripting vulnerability.
SQL Buddy version 1.3.3 suffers from a cross site scripting vulnerability.
SQL Buddy version 1.3.3 suffers from a cross site request forgery vulnerability.
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
The Linksys X2000 suffers from a remote, unauthenticated command execution vulnerability that scores root privileges.
Samsung Galaxy S6 Android.media.process face recognition memory corruption proof of concept exploit.
Samsung LibQjpeg suffers from a memory corruption vulnerability in the DCMProvider service when decoding an image.
Samsung Galaxy S6 LibQjpeg memory corruption proof of concept exploit.
TeleGraph.co.uk suffered from a cross site scripting vulnerability.
Various Daily Mail sites suffered from unvalidated redirect and cross site scripting vulnerabilities.