Lucene search
K

414 matches found

CVE
CVE
added 2021/12/14 3:44 p.m.45 views

CVE-2021-44233

CVE-2021-44233 affects SAP GRC Access Control versions V1100_700, V1100_731, V1200_750, where an authenticated user may be able to escalate privileges due to insufficient authorization checks. The issue is described as an authorization check gap leading to privilege elevation. No exploitation det...

8.8CVSS8.7AI score0.00802EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/14 3:44 p.m.22 views

CVE-2021-44233

SAP GRC Access Control - versions V1100700, V1100731, V1200750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges...

9AI score0.00802EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2021/08/17 12:0 a.m.4 views

VulnCheck KEV: CVE-2014-0640

EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors...

4CVSS5.8AI score0.01174EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/18 1:25 p.m.42 views

Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC

Summary Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Vulnerability Details CVEID: CVE-2021-3114 DESCRIPTION: An unspecified error with the P224 Curve implementation can generate incorrect outputs in Golang Go has an unknown impact an...

7.5CVSS8.5AI score0.06497EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/05/12 12:0 a.m.9 views

Unspecified Vulnerability in IBM OpenPages GRC Platform

IBM OpenPages GRC Platform is a suite of platforms for managing enterprise risk and compliance from IBM in the United States. The platform provides a set of core services and functional components that cover the risk and compliance domain including operational risk, policy and compliance, financi...

4.3CVSS6.2AI score0.00982EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/12 12:0 a.m.7 views

OpenPages GRC Platform Cross-Site Scripting Vulnerability (CNVD-2021-34717)

OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a number ...

5.4CVSS6.2AI score0.00495EPSS
Exploits0References1
NVD
NVD
added 2021/05/11 4:15 p.m.18 views

CVE-2020-4535

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...

5.4CVSS0.00495EPSS
Exploits0References2
OSV
OSV
added 2021/05/11 4:15 p.m.5 views

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

4.3CVSS5.8AI score0.00982EPSS
Exploits0References2
OSV
OSV
added 2021/05/11 4:15 p.m.5 views

CVE-2020-4535

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...

5.4CVSS5.4AI score0.00495EPSS
Exploits0References2
NVD
NVD
added 2021/05/11 4:15 p.m.19 views

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

4.3CVSS0.00982EPSS
Exploits0References2
Prion
Prion
added 2021/05/11 4:15 p.m.12 views

Cross site scripting

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...

3.5CVSS5.1AI score0.00495EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/05/11 4:15 p.m.15 views

Information disclosure

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

4CVSS4.2AI score0.00982EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/11 3:45 p.m.19 views

CVE-2020-4535

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...

5.4CVSS5.2AI score0.00495EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/05/11 3:45 p.m.22 views

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...

4.3CVSS4.2AI score0.00982EPSS
Exploits0References2
CVE
CVE
added 2021/05/11 3:45 p.m.44 views

CVE-2020-4535

OpenPages GRC Platform 8.1 is affected by a cross-site scripting (XSS) vulnerability in the Web UI that allows embedding arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. Root cause: improper input/output handling in the Web UI. Affected product/version:...

5.4CVSS5.2AI score0.00495EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/05/11 3:45 p.m.40 views

CVE-2020-4536

CVE-2020-4536 affects IBM OpenPages with Watson (GRC Platform) version 8.1, where a remote attacker could obtain sensitive information via a detailed error message returned in the browser. Vulnerable component is within IBM OpenPages GRC Platform 8.1; impact is information disclosure with CVSS ~4...

4.3CVSS4.2AI score0.00982EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/05/10 12:0 a.m.5 views

IBM OpenPages with Watson 跨站脚本漏洞

OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a number ...

5.4CVSS5.5AI score0.00495EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/04 9:29 p.m.45 views

Security Bulletin: Security vulnerabilities in Python3 affect IBM Cloud Pak for Multicloud Management Hybrid GRC.

Summary Security Bulletin: Security vulnerabilities in Python3 affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Vulnerability Details CVEID: CVE-2020-8492 DESCRIPTION: Python is vulnerable to a denial of service, caused by a flaw in the urllib.request.AbstractBasicAuthHandler. By sendin...

7.5CVSS0.7AI score0.12826EPSS
Exploits1Affected Software1
Qualys Blog
Qualys Blog
added 2020/11/16 4:45 p.m.24 views

A Modern Approach to Risk Management and Compliance

For far too long, organizations had to rely on traditional Governance, Risk and Compliance GRC tools -- with their modular and siloed approach -- to address their risk management and reporting compliance posture. With an increasing number of organizations looking at the Integrated Risk Management...

7.5AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/02 3:26 p.m.23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM OpenPages with Watson (CVE-2020-4575)

Summary IBM WebSphere Application Server is shipped as a component of IBM OpenPages with Watson. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

2.5AI score0.00921EPSS
Exploits0Affected Software1
Rows per page
Query Builder