DORA Compliance Cybersecurity Guide for Finance
DORA Compliance Cybersecurity: A Practical Guide for Financial Services Teams. DORA compliance cybersecurity is now a board-level priority for banks, insurers, investment firms, payment providers, and the ICT providers that support them. The Digital Operational Resilience Act shifts the conversati...
EUVD-2023-29945
Malicious code in bioql PyPI...
EUVD-2022-34057
Malicious code in bioql PyPI...
EUVD-2022-34054
Malicious code in bioql PyPI...
EUVD-2023-34156
Malicious code in bioql PyPI...
CVE-2024-29941
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...
CVE-2023-2692
A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/roominfo.php of the component GET Parameter Handler. The manipulation of the argument name leads to cro...
CVE-2022-29731
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...
CVE-2022-29734
A cross-site scripting (XSS) vulnerability in ICT Protege GX/WX v2.08 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter...
Simplifying DORA Compliance with the Qualys Enterprise TruRisk™ Platform
Strengthening Resilience for the Financial Sector. The Digital Operational Resilience Act (DORA) is a landmark EU regulation that establishes a unified framework for managing technology risk in the financial sector. It’s designed to ensure that banks, insurers, investment firms, and other financial...
CVE-2024-29941 Credential Cloning
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...
CVE-2024-29941
CVE-2024-29941 describes insecure storage of ICT MIFARE and DESFire encryption keys in the firmware binary, enabling credential cloning by creating credentials for any site code and card number that uses the default ICT encryption. The Red Hat/NVD entries corroborate that the issue arises from st...
Achieving DORA Compliance with Qualys: A Comprehensive Approach
In the ever-changing landscape of finance and technology, it is crucial to have robust operational resilience and compliance frameworks. The Digital Operational Resilience Act (DORA) framework is a significant step in this direction, as it is intended to strengthen the resilience of financial...
Command Execution Vulnerabilities in Various Products of Beijing StarNet Ruijie Network Technology Company Limited (CNVD-2023-68249)
Beijing StarNet Ruijie Network Technology Co., Ltd. is an ICT infrastructure and industry solutions provider. A command execution vulnerability exists in various products of Beijing StarNet Ruijie Network Technology Co., Ltd. that can be exploited by attackers to gain server privileges...
Cross site scripting
A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/roominfo.php of the component GET Parameter Handler. The manipulation of the argument name leads to cro...
CVE-2023-2692 SourceCodester ICT Laboratory Management System GET Parameter room_info.php cross site scripting
A vulnerability has been found in SourceCodester ICT Laboratory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/roominfo.php of the component GET Parameter Handler. The manipulation of the argument name leads to cro...
CVE-2023-2692
SourceCodester ICT Laboratory Management System 1.0 contains a cross-site scripting vulnerability in views/room_info.php (GET Parameter Handler). Manipulating the name parameter leads to XSS. The issue can be exploited remotely and has public exploits; identifier VDB-228973 is assigned. Multiple ...