When browsing the Emsi Software web pages you may encounter terms that need further explanation. These terms are explained in the following short reference. All terms with hyperlinks have a more detailed article available.
Khashayar Fereidani has reported some vulnerabilities in Maian Recipe, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "header", "header2", "header3", "header4", "header5", "header6", "header7", "header8", and "header9" parameters in admin/inc/header.php is not
Khashayar Fereidani has discovered some vulnerabilities in Maian Search, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed to the "keywords" parameter in search.php is not properly sanitised before being used
Slackware has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of
RoMaNcYxHaCkEr has discovered some vulnerabilities in SazCart, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "_saz[settings][site_dir]" parameter in layouts/default/header.saz.php and to the "_saz[settings][site_url]" parameter in admin/alayouts/default/pages/login.php is not properly verified before being
Today, they have matured to the next crucial stage in making the union between the business and IT work by aligning their security strategy with their business strategy.
LinuxSecurity.com: One of the most prized rights of any American is the right to privacy and security. It's something people in some countries would kill for. Yet now there appears to be a very frightening trend growing. Your privacy and
LinuxSecurity.com: It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service
LinuxSecurity.com: Multiple vulnerabilities have been discovered in components shipped with LTSP which allow remote attackers to compromise terminal clients.
LinuxSecurity.com: An updated hal-info package fixes resume from suspend to RAM on HP 6710b systems. It had previously failed with a black screen on Mandriva Linux 2008.0.
LinuxSecurity.com: A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker
Khashayar Fereidani has reported a vulnerability in Maian Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "keywords" parameter in admin/index.php is not properly sanitised before being returned to a user. This
cOndemned has discovered a vulnerability in Galleristic, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "cat" parameter in index.php is not properly sanitised before being used in SQL queries. This can be
Khashayar Fereidani has discovered some vulnerabilities in Maian Support, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "msg_script", "msg_script2", and "msg_script3" parameters in admin/inc/footer.php and to the "msg_script2" parameter in admin/inc/header.php is
Ubuntu has issued an update for gst-plugins-good0.10. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.