Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method. Date published : 2017-03-23 http://www.securityfocus.com/bid/95679 https://plone.org/security/hotfix/20170117/sandbox-escape
QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file. Date published : 2017-03-23 http://www.securityfocus.com/bid/97056 http://www.securityfocus.com/bid/97072
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the –shell argument. Date published : 2017-03-23 http://www.securityfocus.com/bid/97385 Release Notes
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the –allow-debuggers argument. Date published : 2017-03-23 http://www.securityfocus.com/bid/97120 Release Notes
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash). Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2016/06/02/13
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file. Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. Date published : 2017-03-22 http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13
pngdefry through 2017-03-22 is prone to a heap-based buffer-overflow vulnerability because it fails to properly process a specially crafted png file. This issue affects the ‘process()’ function of the ‘pngdefry.c’ source file. Date published...
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request. Date published : 2017-03-22 http://www.securityfocus.com/bid/97195 https://www.exploit-db.com/exploits/41666/