Lucene search
+L

270 matches found

nvd
nvd
added 4 days ago8 views

CVE-2026-15471

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pcidssstatus.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Th...

5.3CVSS0.00207EPSS
Exploits0References5
euvd
euvd
added 4 days ago7 views

EUVD-2026-43193

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pcidssstatus.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Th...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References5
cvelist
cvelist
added 4 days ago34 views

CVE-2026-15471 Eleveo Call Recording Software pci_dss_status.jsp improper authorization

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pcidssstatus.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Th...

5.3CVSS0.00207EPSS
Exploits0References5
cve
cve
added 4 days ago15 views

CVE-2026-15471

Eleveo Call Recording Software 9.7.0 contains a vulnerability in an unknown portion of /callrec/pci_dss_status.jsp that allows improper authorization. The issue supports remote exploitation and the exploit has been made public. No remediation details are provided in the document. Vendor contact o...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References5
thn
thn
added 2025/09/24 11:3 a.m.12 views

iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here...

6.8AI score
Exploits0
qualysblog
qualysblog
added 2025/06/05 2:0 p.m.9 views

Ensure PCI 4.0 Readiness with File Integrity Monitoring for Containers

Compliance isn’t optional. But it’s never been more complex. The rise of containers has revolutionized modern infrastructure—enabling faster innovation and greater scalability. But with this transformation comes a new wave of compliance challenges. PCI DSS 4.0 introduces stricter requirements for...

7.2AI score
Exploits0
thn
thn
added 2025/03/07 11:0 a.m.18 views

What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey

Access on-demand webinar here Avoid a $100,000/month Compliance Disaster March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in non-compliance fines? PCI DSS v4 is coming, and businesses handling payment card data must be prepared...

7.2AI score
Exploits0
akamaiblog
akamaiblog
added 2025/02/26 2:0 p.m.8 views

PCI DSS v4.0.1: The Changes You Need to Know to Qualify for SAQ A

What's changed in PCI DSS v4.0.1? Get a breakdown of what these new requirements mean and how Akamai’s solutions can help...

7AI score
Exploits0
impervablog
impervablog
added 2025/02/25 3:1 a.m.10 views

How to Comply with PCI DSS 4.0 Requirements 6.4.3 and 11.6.1

The countdown to compliance is in its final stretch. With the third and final phase of PCI DSS 4.0 requirements taking effect on March 31, 2025, organizations are under increasing pressure to ensure their client-side security measures meet the new requirements. At Imperva, we’re committed to...

7.5AI score
Exploits0
thn
thn
added 2025/02/20 11:30 a.m.6 views

DMARC for PCI DSS 4.0: A Good Practice for Securing Emails

PCI DSS 4.0 encourages the implementation of anti-phishing controls like DMARC! This highlights and reinforces the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. While not a mandate or a requirement for PCI DSS compliance, DMARC and...

7.3AI score
Exploits0
thn
thn
added 2025/02/20 11:21 a.m.21 views

PCI DSS 4.0 Mandates DMARC By 31st March 2025

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing i...

7.4AI score
Exploits0
suse
suse
added 2025/02/14 7:20 a.m.6 views

Security update for SUSE Manager Client Tools

This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: Added Ism profile for OL8, OL9 Added new product kylinserver10 Created OL10 product Release SLMicro5 product Replaced two date injections by SOURCEDATEEPOCH to make reproducible bsc1230361 Updat...

5.7CVSS7.6AI score0.00172EPSS
Exploits0References34
osv
osv
added 2025/02/14 7:20 a.m.12 views

SUSE-SU-2025:0532-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: - Added Ism profile for OL8, OL9 - Added new product kylinserver10 - Created OL10 product - Release SLMicro5 product - Replaced two date injections by SOURCEDATEEPOCH to make reproducible...

5.7CVSS9.8AI score0.00172EPSS
Exploits0References16
pentestpartners
pentestpartners
added 2025/02/13 6:47 a.m.14 views

PCI DSS v4.0 Evidence and documentation requirements checklist

TL;DR PCI DSS is complex and challenging Review the 12 top level controls Arm yourself with this checklist to help you navigate it Introduction PCI DSS v4.0 is challenging for a number of reasons: increased complexity, future-dated requirements, high costs and resource demands, vendor management...

7.2AI score
Exploits0
pentestpartners
pentestpartners
added 2025/02/11 6:32 a.m.13 views

PCI DSS. Where to start?

TL;DR Determine your role: Merchant or service provider Determine your level and requirements Identify your validation method: SAQ or RoC Use the PCI website Introduction The Payment Card Industry Data Security Standard, or PCI DSS, outlines essential requirements for protecting both you and your...

7.3AI score
Exploits0
qualysblog
qualysblog
added 2024/11/14 7:33 p.m.7 views

Best Practices for Cloud Compliance

Introduction In today’s data-driven landscape, businesses are embracing cloud computing technology for its efficiency and scalability. A Cloud Security Alliance CSA report revealed that 98% of organizations worldwide use cloud services. Yet, more than 1/3rd of those organizations may not be using...

6.9AI score
Exploits0
akamaiblog
akamaiblog
added 2024/11/08 2:0 p.m.7 views

Finding Solutions to Meet PCI DSS v4.0 Requirements 6.4.3 and 11.6.1

...

7.3AI score
Exploits0
thn
thn
added 2024/10/19 9:30 a.m.15 views

Acronym Overdose – Navigating the Complex Data Security Landscape

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together...

7.1AI score
Exploits0
thn
thn
added 2024/09/16 11:5 a.m.17 views

Master Your PCI DSS v4 Compliance with Innovative Smart Approvals

The PCI DSS landscape is evolving rapidly. With the Q1 2025 deadline looming ever larger, businesses are scrambling to meet the stringent new requirements of PCI DSS v4.0. Two sections in particular, 6.4.3 and 11.6.1, are troublesome as they demand that organizations rigorously monitor and manage...

7.7AI score
Exploits0
hackread
hackread
added 2024/09/04 2:0 p.m.11 views

Criminal IP Secures PCI DSS v4.0 Certification, Enhancing Payment Security with Top-Level Compliance

Torrance, United States / California, 4th September 2024, CyberNewsWire...

7.3AI score
Exploits0
Rows per page
Query Builder