Red Hat Security Advisory 2015-1947-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.4 release serves as a replacement for JBoss Operations Network 3.3.3, and includes several bug fixes.
Ubuntu Security Notice 2786-1 - It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service.
Ubuntu Security Notice 2784-1 - Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were also addressed.
Debian Linux Security Advisory 3381-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, or denial of service.
Debian Linux Security Advisory 3380-1 - Two vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
Serendipity version 2.0.2 suffers from a stored cross-site scripting vulnerability.
The Samsung m2m1shot driver framework is used to provide hardware acceleration for certain media functions, such as JPEG decoding and scaling images. The driver endpoint (/dev/m2m1shot_jpeg) is accessible by the media server. The Samsung S6 Edge is a 64-bit device, so a compatibility layer is used to allow 32-bit processes to provide structures that are expected by the 64-bit driver. There is a stack buffer overflow in the compat ioctl for m2m1shot.
The Samsung Graphics 2D driver (/dev/fimg2d) is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains a locking error which can lead to memory errors (such as use-after-free) due to a race condition.
The Exynos Seiren Audio driver has a device endpoint (/dev/seiren) that is accessible by either the system user or the audio group (such as the mediaserver). It was found that the write() implementation for this driver contains a buffer overflow vulnerability that overflows a static global buffer.
The SecEmailComposer/EmailComposer application used by the Samsung S6 Edge has an exported service action to do quick replies to emails. It was found that this action required no permissions to call, and could lead to an unprivileged application gaining access to email content.