Lucene search
K

77 matches found

NVD
NVD
added 2026/05/29 1:16 p.m.16 views

CVE-2026-9508

Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...

10CVSS0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 12:11 p.m.10 views

CVE-2026-9509 Uncaught exception vulnerability in Suprema's BioStar

An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...

8.7CVSS5.9AI score0.00351EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 12:9 p.m.9 views

CVE-2026-9508

Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...

10CVSS5.8AI score0.00341EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/29 12:9 p.m.10 views

EUVD-2026-33282

Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...

10CVSS5.8AI score0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-44832

Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...

10CVSS5.8AI score0.00341EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-44833

An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...

8.7CVSS5.9AI score0.00351EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Suprema BioStar 安全漏洞

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...

10CVSS5.8AI score0.00341EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 10:43 p.m.5 views

CVE-2025-41257

Suprema’s BioStar 2 in version 2.9.11.6 allows users to set new password without providing the current one. Exploiting this flaw combined with other vulnerabilities can lead to unauthorized account access and potential system compromise...

4.8CVSS5.8AI score0.00248EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.6 views

Suprema BioStar 安全漏洞

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, guest management, and video log maintenance. A security vulnerability exists in the version 2.2.9.11.6 of...

4.8CVSS5.8AI score0.00248EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:45 a.m.12 views

CVE-2022-38351

A vulnerability in Suprema BioStar aka Bio Star 2 v2.8.16 allows attackers to escalate privileges to System Administrator via a crafted PUT request to the update profile page...

8.8CVSS6.9AI score0.0089EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-37526

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00551EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-36212

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00863EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-37527

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01548EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37529

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00598EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-37528

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00721EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-40941

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0089EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-30947

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.07496EPSS
Exploits4References6
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.8 views

CVE-2023-33365

A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server...

7.5CVSS7.1AI score0.00721EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:31 a.m.7 views

CVE-2023-27167

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?searchmonth=1...

6.5CVSS8.2AI score0.07496EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.5 views

CVE-2023-33363

An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated users to access some functionality on BioStar 2 servers...

7.5CVSS7.2AI score0.00551EPSS
Exploits0References1
Rows per page
Query Builder