Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: zkteco Clear
ID Title
CVE-2023-38950 KEV [KEV] Path Traversal in Zkteco biotime (CVE-2023-38950)
path traversal in Zkteco biotime (CVE-2023-38950). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2023-51141 Vulnerability in zkteco (CVE-2023-51141)
vulnerability in zkteco (CVE-2023-51141). Confidential information can be exposed externally.
CVE-2023-51142 Information Disclosure in zkteco (CVE-2023-51142)
vulnerability in zkteco (CVE-2023-51142). Confidential information can be exposed externally.
CVE-2023-38952 Vulnerability in zkteco (CVE-2023-38952)
vulnerability in zkteco (CVE-2023-38952). Confidential information can be exposed externally.
CVE-2023-38949 Vulnerability in zkteco (CVE-2023-38949)
vulnerability in zkteco (CVE-2023-38949). Data can be tampered with by attackers.
CVE-2023-38954 ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
CVE-2023-38955 Vulnerability in zkteco (CVE-2023-38955)
vulnerability in zkteco (CVE-2023-38955). Confidential information can be exposed externally.
CVE-2023-38956 Path Traversal in path-traversal (CVE-2023-38956)
path traversal in path-traversal (CVE-2023-38956). Confidential information can be exposed externally.
CVE-2023-38958 Authorization Flaw in zkteco (CVE-2023-38958)
vulnerability in zkteco (CVE-2023-38958). Risk of unauthorized operations or information disclosure.
CVE-2022-36635 SQL Injection in sqli (CVE-2022-36635)
SQL injection in sqli (CVE-2022-36635). Successful exploitation can lead to full system takeover.
CVE-2022-36634 Authorization Flaw in zkteco (CVE-2022-36634)
vulnerability in zkteco (CVE-2022-36634). Successful exploitation can lead to full system takeover.
CVE-2017-17056 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-17056)
vulnerability in csrf (CVE-2017-17056). Successful exploitation can lead to full system takeover.
CVE-2017-17057 Cross-Site Scripting (XSS) in zkteco (CVE-2017-17057)
cross-site scripting in zkteco (CVE-2017-17057). Risk of unauthorized operations or information disclosure.
CVE-2017-13129 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
CVE-2017-14680 Information Disclosure in zkteco (CVE-2017-14680)
vulnerability in zkteco (CVE-2017-14680). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →