A stack overflow exists in VUPlayer. The vulnerability is due to improper boundary checking of user-supplied input when processing CUE files. By enticing a victim to open a malicious CUE file, a remote attacker could execute arbitrary code on the affected system.

A stack buffer overflow vulnerability exists in SafeNet SoftRemote Security Policy Editor. The vulnerability is due to insufficient input validation while handling a specially formatted security policy. Successful exploitation could lead to arbitrary code execution in the security context of the target user.

A policy bypass vulnerability has been reported in Microsoft Edge. This vulnerability is due improper enforcement of cross-domain policies with pages that have an empty document.domain property. A remote attacker could exploit this vulnerability by enticing a user to visit a maliciously crafted web-page. Successful exploitation of this vulnerability would allow an attacker to bypass the same origin policy and disclose sensitive information.

A buffer overflow vulnerability exists in Total Video Player. The vulnerability is due to improper parsing of parameters in the Settings.ini. A remote attacker could exploit this vulnerability by enticing a user to open a malformed Settings.ini file.

A stack-based buffer overflow exists in Audiotran 1.4.1. A remote attacker could trigger this vulnerability by enticing a victim to open a crafted file. Successful exploitation would allow remote attackers to execute arbitrary code via a long string in a playlist (.pls) file.

A buffer overflow exists in Altap Salamander. A remote attacker could trigger this vulnerability by creating a malicious file and convincing a user to view the file with the Portable Executable Viewer plugin within a vulnerable version of Salamander. Successful exploitation would allows remote attackers to execute arbitrary code via the PDB file.

Campaigns of malvertising, redirecting to malicious web pages, have been identified. Successful exploitation could result in remote code execution on the target system once the malicious page is loaded.

An information disclosure vulnerability exists in Microsoft Windows gdi32.dll. A remote attacker can exploit this vulnerability by sending the target user a malicious file. Successful exploitation could result in an out-of-bounds read and access to private user data.

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.