414 matches found
PT-2022-26859 · Unknown · Eramba Grc
Name of the Vulnerable Software and Affected Versions: Eramba GRC Software version c2.8.1 Description: A stored cross-site scripting XSS issue in the Add function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field. This enables...
CVE-2022-43342
CVE-2022-43342 describes a stored cross-site scripting (XSS) vulnerability in Eramba GRC Software version c2.8.1, exploitable via a crafted payload injected into the KPI Title field in the Add function. The CVE notes that attackers can execute arbitrary web scripts or HTML, with the impact limite...
CVE-2022-39801
SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and...
Session fixation
SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and...
CVE-2022-39801
SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and...
CVE-2022-39801
CVE-2022-39801 relates to SAP GRC Access Control Emergency Access Management. An authenticated attacker can access a Firefighter session after it is closed in the Firefighter Logon Pad, with exploitation possible only inside the firewall, potentially enabling access to an admin session and comple...
CVE-2022-39801
SAP GRC Access control Emergency Access Management allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the firewall. On successful exploitation the attacker can gain access to admin session and...
How GRC protects the value of organizations — A simple guide to data quality and integrity
Contemporary organizations understand the importance of data and its impact on improving interactions with customers, offering quality products or services, and building loyalty. Data is fundamental to business success. It allows companies to make the right decisions at the right time and deliver...
PT-2022-24999 · Sap · Sap Grc Access Control
Name of the Vulnerable Software and Affected Versions: SAP GRC Access control affected versions not specified Description: The issue allows an authenticated attacker to access a Firefighter session even after it is closed in Firefighter Logon Pad. This attack can be launched only within the...
MAL-2022-1524 Malicious code in bfx-facs-grc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5e22f7cc8c986b668efaad78ffe1fb54f9e0fc005376943ab669c9883b6464c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bfx-facs-grc-slack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d68b2d23fdbc513af252da8c8fe29ba0d5899a93e9142ae773ba68ff7b60190 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bfx-proxy-grc-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10e94e06f004a17e582b795ae2695865df501e2ae73e23c466ea97f5c47b43a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1544 Malicious code in bfx-proxy-grc-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10e94e06f004a17e582b795ae2695865df501e2ae73e23c466ea97f5c47b43a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bfx-facs-grc-s3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5cfcf4ec66cbefa85f2c259a3d914576dc423f2569c6a432be4ad3c4e41ae949 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1525 Malicious code in bfx-facs-grc-s3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5cfcf4ec66cbefa85f2c259a3d914576dc423f2569c6a432be4ad3c4e41ae949 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
new packages: hunspell-grc
An update is available for hunspell-grc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC.
Summary Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Vulnerability Details CVEID: CVE-2021-34558 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by the failure to properly assert that the type of public key in an...
CVE-2021-44233
SAP GRC Access Control - versions V1100700, V1100731, V1200750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges...
CVE-2021-44233
SAP GRC Access Control - versions V1100700, V1100731, V1200750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges...
Authorization
SAP GRC Access Control - versions V1100700, V1100731, V1200750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges...