Several issues were discovered in mysql-connector-java that allow attackers to execute arbitrary code, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of the data.
It was discovered that there was a directory traversal attack vulnerability in the web user interface web in the deluge bittorrent client. For Debian 7 "Wheezy", this issue has been fixed in deluge version
CVE-2017-7885 Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow
Dawid Golunski and Filippo Cavallarin discovered that squirrelmail, a webmail application, incorrectly handled a user-supplied value. This would allow a logged-in user to run arbitrary commands on the server.