>> ARCHIVE: 2016-06

Joomla BT Media component version 1.0 suffers from a remote SQL injection vulnerability.

There is a stack overflow in Linux via ecryptfs and /proc/$pid/environ.

The Adobe Type Manager Font Driver (ATMFD.DLL) responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode applications via an undocumented gdi32!NamedEscape…

gdi32.dll in Microsoft Windows suffers from a heap-based out-of-bounds reads / memory disclosure vulnerability in multiple DIB-related EMF record handlers.

It is possible to bypass the ProcessFontDisablePolicy check in win32k to load a custom font from an arbitrary file on disk even in a sandbox.

dbdiff suffers from a cross site scripting vulnerability.

WordPress Premium SEO Pack plugin version 1.9.1.3 wp_options overwrite exploit.

CMS Elevel version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

Airia suffers from reflective and persistent cross site scripting vulnerabilities.

Airia suffers from a cross site request forgery vulnerability.