2016
04.29

http://sahathat.go.th/obec/web1/file_editor/_input_3_.txt notified by DeadsOul

mirror site here.

2016
04.29

http://narathiwat.nfe.go.th/ampwaeng/web1/file_editor/_input_3_.txt notified by DeadsOul

mirror site here.

2016
04.29

An independent vulnerability laboratory researcher discovered a client-side cross site scripting vulnerability in the official WordPress Truemag Theme.

credit VulnLab

2016
04.29

If an application sends a one way binder transaction the service tries to send a reply which fails. This causes the service manager to exit its binder loop and the process dies causing the system to reboot. Tested on Android version 6.0.1 February patches.

more details here.

2016
04.29

A Microsoft Windows kernel crash exists in the win32k.sys driver while processing a corrupted TTF font file.

more details here.

2016
04.29

PHP 7.x Heap Overflow

An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex() and getFromName() methods of ZipArchive, resulting in a heap overflow. Full exploit included.

more details here.

2016
04.29

Rough Auditing Tool for Security (RATS) 2.3 – Array Out of Block Crash

more details here.

2016
04.29

Observium 0.16.7533 – Authenticated Arbitrary Command Execution

more details here.

2016
04.29

Wireshark – dissect_2008_16_security_4 Stack-Based Buffer Overflow

more details here.

2016
04.29

GLPi 0.90.2 – SQL Injection

more details here.