Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-38950 KEV |
|
[KEV] Path Traversal in Zkteco biotime (CVE-2023-38950)
path traversal in Zkteco biotime (CVE-2023-38950). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2023-51141 |
|
Vulnerability in zkteco (CVE-2023-51141)
vulnerability in zkteco (CVE-2023-51141). Confidential information can be exposed externally.
|
| CVE-2023-51142 |
|
Information Disclosure in zkteco (CVE-2023-51142)
vulnerability in zkteco (CVE-2023-51142). Confidential information can be exposed externally.
|
| CVE-2023-38952 |
|
Vulnerability in zkteco (CVE-2023-38952)
vulnerability in zkteco (CVE-2023-38952). Confidential information can be exposed externally.
|
| CVE-2023-38949 |
|
Vulnerability in zkteco (CVE-2023-38949)
vulnerability in zkteco (CVE-2023-38949). Data can be tampered with by attackers.
|
| CVE-2023-38954 |
|
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
|
| CVE-2023-38955 |
|
Vulnerability in zkteco (CVE-2023-38955)
vulnerability in zkteco (CVE-2023-38955). Confidential information can be exposed externally.
|
| CVE-2023-38956 |
|
Path Traversal in path-traversal (CVE-2023-38956)
path traversal in path-traversal (CVE-2023-38956). Confidential information can be exposed externally.
|
| CVE-2023-38958 |
|
Authorization Flaw in zkteco (CVE-2023-38958)
vulnerability in zkteco (CVE-2023-38958). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-36635 |
|
SQL Injection in sqli (CVE-2022-36635)
SQL injection in sqli (CVE-2022-36635). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36634 |
|
Authorization Flaw in zkteco (CVE-2022-36634)
vulnerability in zkteco (CVE-2022-36634). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17056 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-17056)
vulnerability in csrf (CVE-2017-17056). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17057 |
|
Cross-Site Scripting (XSS) in zkteco (CVE-2017-17057)
cross-site scripting in zkteco (CVE-2017-17057). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13129 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14680 |
|
Information Disclosure in zkteco (CVE-2017-14680)
vulnerability in zkteco (CVE-2017-14680). Confidential information can be exposed externally.
|