A memory corruption vulnerability exists in Microsoft Office. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform remote code execution in the security context of the current user.
An elevation of privilege vulnerability exists in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols when they accept authentication levels that do not protect the RPC channel adequately. An attacker who successfully exploited this vulnerability could gain access to the SAM database.
A remote code execution vulnerability exists in Microsoft Windows PDF. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user.
Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
Directory traversal vulnerability in Action View in Ruby on Rails before 18.104.22.168, 4.0.x and 4.1.x before 22.214.171.124, 4.2.x before 126.96.36.199, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
Joomla is prone to a vulnerability that allow remote attacker to execute the arbitrary code, as application fails to sanitize user-supplied input. An attacker can leverage this issue to obtain sensitive information, modify data or upload web shell.