A buffer overflow in the memcached tool has been patched after a public disclosure of the details and proof-of-concept exploit code.
A critical flaw in VMware Fusion and Workstation could allow an attacker to run arbitrary code on the host from the guest.
Drupal has released fixes for a file-upload flaw that could lead to remote code execution.
The Exim MTA used in many Linux distributions contains a vulnerability that is trivially exploitable locally and can be exploited remotely in some cases.
A bug that can grant arbitrary code execution has been lurking in the WinRAR compression utility since 2000.