WordPress – Cross-Site Scripting (XSS) in Shortcode Previews
Description: WordPress before version 5.2.3 allows XSS in shortcode previews, which gives attackers chances to compromise the victim’s web server.
Adobe Flash Player – Arbitrary Code Execution Vulnerability
Description: Adobe Flash Player Desktop Runtime and for Chrome 18.104.22.168 and earlier versions, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 22.214.171.124 and earlier versions have a Same Origin Method Execution vulnerability.
Threat: Successful exploitation could lead to arbitrary code execution in the context of the current user.
Windows Transaction Manager – Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. an attacker would first have to log on to the system, and then run a specially crafted application.
Threat: An attacker who exploited the vulnerability could potentially read data that was not intended to be disclosed.