A type confusion vulnerability was discovered in Microsoft Internet Explorer and Microsoft Edge. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Joomla Core is prone to multiple security-bypass vulnerabilities. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, this may aid in launching further attacks.
A remote code execution vulnerability exits in Apache Struts such that upon successful exploitation a malicious expression can be used to execute arbitrary code on server side when Dynamic Method Invocation is enabled.