A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file. Successful exploitation would allow an attacker to execute arbitrary code on the target.

An attacker may attempt to gain access to email accounts by repeatedly trying to log in using various passwords, eventually finding the correct one, a technique known as “Brute Force”. Successful exploitation may result in an unauthorized access to an email account.

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file. Successful exploitation would allow an attacker to execute arbitrary code on the target.

A cross-site request forgery (CSRF) vulnerability has been reported in WordPress Mobile Domain Plugin. An attacker could exploit this vulnerability by convincing the user to follow a malicious link or visit an attacker controlled website.

A code execution vulnerability exists in RPM package manager. The vulnerability is due to an integer overflow when parsing the CPIO header in the payload section of an RPM file, leading to a stack buffer overflow. A remote attacker can exploit this vulnerability by enticing a user to install a maliciously modified signed RPM package.

A code execution vulnerability has been reported in Schneider Electric ProClima. The vulnerability is due to a heap buffer overflow when processing user supplied parameter input to SetHtmlFileName in the Atx45.ocx ActiveX control. A remote unauthenticated attacker could exploit this vulnerability by enticing a user into opening a specially crafted web page.

An SQL injection vulnerability has been reported in WordPress Survey and Poll Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.

An unauthorized file upload vulnerability has been reported in WordPress Shopping Cart Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.

A buffer overflow vulnerability exists in SAP SQL Anywhere .NET Data Provider. The vulnerability is caused by insufficient boundary checks in the handling of column aliases. If an application allows untrusted input to be used as the column alias in an SQL query, by sending crafted requests to the application, an attacker can overflow a stack-based buffer. A successful attack will result in arbitrary code execution in the context of the application.

An unauthorized file upload vulnerability has been reported in WordPress Photo Gallery Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.