Many HTTP servers, especially on routers and other network device, have well-known default user credentials. In many cases, these default credentials are not changed by the administrator. An attacker might scan the network in order to discover such devices, and use these default credentials to log into the system and gain complete control over the server or network device.

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.

A type confusion vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file with an affected version of Adobe Acrobat or Adobe Reader .

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.

A memory corruption vulnerability exists in Adobe Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker could trigger this issue via a specially crafted JPEG file.

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.

A remote code execution vulnerability exists in the modeline component of Vim due to insufficient input validation when parsing the filetype, syntax, and keymap options in modelines. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to open a file containing a malicious modeline in Vim. Successful exploitation can result in arbitrary command execution in the context of the current user.

Many campaigns are known to use mail attachments containing double zipped files. A remote attacker could send e-mails including such files and convince users to manually trigger their execution. This would allow the malicious code to run and infect the target system.

A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Reader and Acrobat while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.

A denial-of-service vulnerability exists in PowerDNS Authoritative Server. The vulnerability is due to an error in processing queries with the dot character inside. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted DNS packet to the target application that could lead to excessive resources being consumed, resulting in a denial of service condition.