AVideo Allows Unauthenticated Live Stream Control via Token Verification URL Override in control.json.php

Summary The standalone live stream control endpoint at plugin/Live/standAloneFiles/control.json.php accepts a user-supplied streamerURL parameter that overrides where the server sends token verification requests. An attacker can redirect token verification to a server they control that always...

UBUNTU-CVE-2016-7952

X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service infinite loop via a reply in the 1 XRecordStartOfData, 2 XRecordEndOfData, or 3 XRecordClientDied category without a client sequence and with attached data...