99 matches found
ssc-ras.ru Cross Site Scripting vulnerability OBB-3517269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-33524
Advent/SSC Inc. Tamale RMS 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses, and other internal information stored within the web app...
Directory traversal
Advent/SSC Inc. Tamale RMS 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses, and other internal information stored within the web app...
CVE-2023-33524
Advent/SSC Inc. Tamale RMS 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses, and other internal information stored within the web app...
CVE-2023-33524
Advent/SSC Inc. Tamale RMS 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL, one enumerates Contact information on the host which contains usernames, e-mail addresses, and other internal information stored within the web app...
CVE-2023-33524
CVE-2023-33524 affects Advent/SSC Inc. Tamale RMS versions prior to 23.1. The issue is a directory traversal vulnerability in the web application, allowing an attacker to enumerate contact information stored within the host (usernames, e‑mail addresses, and other internal data) when accessing the...
kernel: NFSv4.2 fix problems with __nfs42_ssc_open
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...
CVE-2023-1652
A use-after-free flaw was found in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem...
kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service...
kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service...
kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service...
PT-2023-35019 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.9 Description: The issue is related to a use-after-free in the nfsd4 ssc setup dul function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
AZL-12950 CVE-2022-4379 affecting package kernel for versions less than 5.15.107.1-2
A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial...
sscg bug fix and enhancement update
An update is available for sscg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sscg utility helps to create more secure "self-signed" certificates. These...
Learn how Microsoft strengthens IoT and OT security with Zero Trust
As cyber threats grow more sophisticated and relentless, the need for Cybersecurity Awareness Month becomes more urgent every year. As part of our year-round commitment to security for all, Microsoft continues to track numerous incidents targeting both digital and physical operations for many...
P2PE v3.0 – Why organizations should prepare now
The Payment Card Industry Security Standards Council PCI SSC published version 3.0 of the Point-To-Point Encryption P2PE standard back in December 2019. The new version simplifies and adds flexibility to the process for component and solution providers to validate their P2PE products for cardhold...
sscg bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Establishing remote data center assessment standards
For the foreseeable future, the COVID-19 crisis has changed the very nature of on-site cybersecurity compliance assessments and testing. Leading the way, the Payment Card Industry Security Standards Council PCI SSC quickly recognized that its requirements for physical, on-site data center...
Developing COVID-19 outbreak communication and adjustment to planned assessment activities
As the coronavirus outbreak continues and safety concerns relating to travel and large meeting groups increase globally, Coalfires Payments Assurance Practice has been monitoring the effect of this crisis on both its customers and its employees. As a Qualified Security Assessor Company QSAC,...
Preparing for PCI DSS 4.0
PCI DSS 4.0 is currently in its request for comments RFC process, where the industry can provide comments and feedback to help shape the next iteration. This process is initially open to the participating organizations - members that help steer and inform the PCI SSC based on their experiences. T...