Lucene search
K

50 matches found

EUVD
EUVD
added 2026/05/29 12:9 p.m.10 views

EUVD-2026-33282

Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...

10CVSS5.8AI score0.00341EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 10:43 p.m.5 views

CVE-2025-41257

Suprema’s BioStar 2 in version 2.9.11.6 allows users to set new password without providing the current one. Exploiting this flaw combined with other vulnerabilities can lead to unauthorized account access and potential system compromise...

4.8CVSS5.8AI score0.00248EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-37526

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00551EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-37527

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01548EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-36212

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00863EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-37529

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00598EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37528

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00721EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.8 views

CVE-2023-33365

A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server...

7.5CVSS7.1AI score0.00721EPSS
Exploits0References1
NVD
NVD
added 2023/08/03 4:15 p.m.17 views

CVE-2023-33364

An OS Command injection vulnerability exists in Suprema BioStar 2 before V2.9.1, which allows authenticated users to execute arbitrary OS commands on the BioStar 2 server...

8.8CVSS9AI score0.01548EPSS
Exploits0References2
OSV
OSV
added 2023/08/03 4:15 p.m.5 views

CVE-2023-33365

A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server...

7.5CVSS5.9AI score0.00721EPSS
Exploits0References2
NVD
NVD
added 2023/08/03 4:15 p.m.17 views

CVE-2023-33363

An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated users to access some functionality on BioStar 2 servers...

7.5CVSS7.7AI score0.00551EPSS
Exploits0References2
NVD
NVD
added 2023/08/03 4:15 p.m.16 views

CVE-2023-33366

A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands...

8.8CVSS8.9AI score0.00598EPSS
Exploits0References2
Prion
Prion
added 2023/08/03 4:15 p.m.29 views

Command injection

An OS Command injection vulnerability exists in Suprema BioStar 2 before V2.9.1, which allows authenticated users to execute arbitrary OS commands on the BioStar 2 server...

6.5CVSS8.8AI score0.01548EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/03 4:15 p.m.24 views

Path traversal

A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server...

5CVSS7.6AI score0.00721EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/03 4:15 p.m.19 views

Sql injection

A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands...

6.5CVSS8.8AI score0.00598EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/03 4:15 p.m.11 views

Authentication flaw

An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated users to access some functionality on BioStar 2 servers...

5CVSS7.7AI score0.00551EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/03 12:0 a.m.20 views

CVE-2023-33365

A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server...

7.1AI score0.00721EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/03 12:0 a.m.11 views

CVE-2023-33366

A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands...

8AI score0.00598EPSS
Exploits0References2
CVE
CVE
added 2023/08/03 12:0 a.m.38 views

CVE-2023-33366

Summary: CVE-2023-33366 is a SQL injection vulnerability in Suprema BioStar 2 prior to 2.9.1. Authenticated users can inject arbitrary SQL into statements and execute commands. The issue has a high impact (CVSS 3.1 base score 8.8) affecting the BioStar 2 web/DB interaction. Affected version(s) : ...

8.8CVSS8.8AI score0.00598EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/03 12:0 a.m.36 views

CVE-2023-33363

Suprema BioStar 2 contains an authentication bypass vulnerability in versions before 2.9.1, allowing unauthenticated users to access certain functionality on BioStar 2 servers. The issue is documented across multiple feeds (NVD, Red Hat, PRION, CNNVD, etc.) with the vulnerability identified as CV...

7.5CVSS7.7AI score0.00551EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder