grc 漏洞列表

grc is a command-line utility that enhances the output of other commands with color and style. It is commonly used to improve the readability of command output by adding color highlighting and formatting. grc can be configured to work with various commands and is often used to make log files and command output easier to interpret.

The XDebug extension <= v2.6.0 for PHP is designed to expand the debugging capabilities of developers, including the ability to perform remote debugging. A misconfigured server, with ‘xdebug.remote_connect_back’ enabled, exposed to the internet could allow an unauthenticated remote attacker to trigger a debugging session using any IP via a simple web request. With a remote debugging session established, the attacker effectively has remote code execution (RCE) capabilities with which to establish persistence, exfiltrate data, or launch further attacks against the system or network.

EMC RSA Archer GRC是美国易安信（EMC）公司的一款企业IT治理和合规治理产品。该产品可以制定eGRC计划，用于管理企业风险、实现业务流程自动化等。 EMC RSA Archer GRC 5.3SP1之前的5.x版本，Archer Smart Suite Framework 4.x版本中存在漏洞。远程经过授权的攻击者可利用该漏洞绕过既定的访问限制进而上传任意文件。