A code execution vulnerability exists in Drupal RESTful Web Services (RESTWS) Module. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.

Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. A remote attacker could exploit these vulnerabilities by enticing authenticated users to click on a crafted link, performing a man-in-the-middle attack, and crafted HTTP requests. Successful exploitation could allow the attacker to hijack a user session, gain access to administrator credentials, and gain access to confidential information.

A Cross Site Request Forgery vulnerability has been reported in the Symantec Endpoint Protection Manager. The vulnerability is due to insufficient CSRF protections. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to visit a page. Successful exploitation could allow the attacker to spoof requests to the server as if from the target user.

An overflow vulnerability exists in authentication cookie on Fortinet firewalls. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected system.

A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software has been reported. A remote attacker could exploit the vulnerability to remotely execute arbitrary code on the affected system.

Telnet is an internet protocol that provides access to remote computers using a virtual terminal. A remote attacker may use an open Telnet service to run arbitrary code on the victim machine.

A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Reader handles certain API functions, that could lead to bypass restrictions. A remote attacker can exploit this issue by enticing a target user to open a specially crafted PDF file.

A code execution vulnerability exists in Drupal CODER Module. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.

The vulnerability is due to improper parsing of XML HmiSet Type attribute of LeviStudio project files. A remote attacker could exploit this vulnerability by enticing a user to open a crafted project file. Successful exploitation could allow the attacker to execute arbitrary code under the security context of the user process.