A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.

A buffer overflow vulnerability exists in Real Networks Netzip Classic. The vulnerability is due to improper boundary check error while handling ZIP files. A remote attacker can exploit this vulnerability to execute an arbitrary code on the victim’s computer.

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.

An SQL injection vulnerability has been reported in dotCMS H2 Database. The vulnerability is due to insufficient validation of the inode parameter in HTTP request sent to the getCreateSortChildren function. A remote attacker could exploit this vulnerability by sending a malicious HTTP request to the target server.

A directory traversal vulnerability exists in Brocade Network Advisor. The vulnerability is due to lack of authentication and insufficient input validation in the FileReceiveServlet servlet when processing HTTP multipart form requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a malicious HTTP request to the target system. Successful exploitation could result in arbitrary code execution with privileges of the SYSTEM.

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.

A remote code execution vulnerability exist in Microsoft Server Message Block 1.0 (SMBv1). The vulnerability is due to the way SMBv1 service handles certain requests. An attacker who successfully exploited the vulnerability could gain code execution on the target server.

A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page.

An elevation of privilege vulnerability exists in Windows Kernel. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by running a specially crafted application.

Security feature bypass exists in Microsoft Edge. The vulnerability is due to a breach in the way Microsoft Edge implements SOP (Same Origin Policy) for HTML elements present in other browser windows. A remote attacker could exploit this vulnerability by enticing a user to visit a maliciously crafted web-page. Successful exploitation of this vulnerability would allow an attacker to bypass the same origin policy and disclose sensitive information.