Goood
Last Update: 2025-12-02
Between 700 and 749
Everything that's good. Show more Show less
NAICS: 541
NAICS Definition:
Employees: 1
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
Comparison Overview
Goood
VS
QA Graphics
QA Graphics
Last Update: 2025-12-03
Between 700 and 749
QA Graphics is an interactive design company specializing in BAS graphics and interactive design. The company is the leader in providing creative BAS graphics outsourcing for the building automation and green building industries. Our design services include touchscreen applications, 3D design and animation, BAS graphics, & floor plans. QA Graphics originally focused on providing the building automation industry with the best possible BAS graphic outsourcing services. As a result, we’ve had the opportunity to work with some of the industry’s largest control system manufacturers. This allowed us to expand our capabilities to provide a comprehensive set of design services to complement our clients’ existing marketing and sales strategies.
NAICS: 54143
NAICS Definition: Graphic Design Services
Employees: 14
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
Goood
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
QA Graphics
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Goood
100%
Compliance Rate
0/4 Standards Verified
QA Graphics
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Graphic Design Industry Average (This Year)
No incidents recorded for Goood in 2025.
Incidents vs Graphic Design Industry Average (This Year)
No incidents recorded for QA Graphics in 2025.
Incident History — Goood (X = Date, Y = Severity)
Goood cyber incidents detection timeline including parent company and subsidiaries
Incident History — QA Graphics (X = Date, Y = Severity)
QA Graphics cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Goood
Incidents
No Incident
QA Graphics
Incidents
No Incident
FAQ
Both Goood company and QA Graphics company demonstrate a comparable AI Cybersecurity Score, with strong governance and monitoring frameworks in place.
Historically, QA Graphics company has disclosed a higher number of cyber incidents compared to Goood company.
In the current year, QA Graphics company and Goood company have not reported any cyber incidents.
Neither QA Graphics company nor Goood company has reported experiencing a ransomware attack publicly.
Neither QA Graphics company nor Goood company has reported experiencing a data breach publicly.
Neither QA Graphics company nor Goood company has reported experiencing targeted cyberattacks publicly.
Neither Goood company nor QA Graphics company has reported experiencing or disclosing vulnerabilities publicly.
Neither Goood nor QA Graphics holds any compliance certifications.
Neither company holds any compliance certifications.
Neither Goood company nor QA Graphics company has publicly disclosed detailed information about the number of their subsidiaries.
QA Graphics company employs more people globally than Goood company, reflecting its scale as a Graphic Design.
Neither Goood nor QA Graphics holds SOC 2 Type 1 certification.
Neither Goood nor QA Graphics holds SOC 2 Type 2 certification.
Neither Goood nor QA Graphics holds ISO 27001 certification.
Neither Goood nor QA Graphics holds PCI DSS certification.
Neither Goood nor QA Graphics holds HIPAA certification.
Neither Goood nor QA Graphics holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
Risk Information
cvss3
Base: 4.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.
Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.
Risk Information
cvss3
Base: 8.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
cvss4
Base: 7.1
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
