Lucene search
+L

22 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42714

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00504EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-42716

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00603EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.17 views

CVE-2023-38954

ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...

9.8CVSS8.2AI score0.00504EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.9 views

CVE-2023-38956

A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...

7.5CVSS6.9AI score0.00603EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.6 views

CVE-2023-38958

An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...

5.3CVSS6.9AI score0.00312EPSS
Exploits0
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.5 views

ZKTeco BioAccess IVS Cross-Site Scripting Vulnerability

ZKTeco BioAccess IVS is a lite web-based security platform from China-based ZKTeco. A cross-site scripting vulnerability exists in ZKTeco BioAccess IVS 3.3.2 and earlier versions, which stems from cross-site scripting in the component Department Name Search Bar...

5.4CVSS6.1AI score0.00433EPSS
Exploits0References8
CNVD
CNVD
added 2023/08/07 12:0 a.m.10 views

ZKTeco BioAccess IVS Path Traversal Vulnerability

ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. A path traversal vulnerability exists in ZKTeco BioAccess IVS v3.3.1, which stems from the program's failure to properly filter special elements in the path of a resource or file, and can be exploited by an attacker to...

7.5CVSS6.9AI score0.00603EPSS
Exploits0References1
CNVD
CNVD
added 2023/08/07 12:0 a.m.10 views

ZKTeco BioAccess IVS Access Control Error Vulnerability

ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. An Access Control Error vulnerability exists in ZKTeco BioAccess IVS v3.3.1, which arises from improper access control and can be exploited by an attacker to arbitrarily close and open the door to the platform...

5.3CVSS6.8AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2023/08/03 2:15 a.m.22 views

CVE-2023-38954

ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...

9.8CVSS9.9AI score0.00504EPSS
Exploits0References1
OSV
OSV
added 2023/08/03 2:15 a.m.7 views

CVE-2023-38955

ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References2
Prion
Prion
added 2023/08/03 2:15 a.m.20 views

Sql injection

ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...

7.5CVSS9.8AI score0.00504EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/03 2:15 a.m.21 views

Path traversal

A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...

5CVSS7.4AI score0.00603EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/03 12:0 a.m.11 views

CVE-2023-38956

A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...

7AI score0.00603EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/03 12:0 a.m.17 views

CVE-2023-38958

An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...

7.2AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.29 views

CVE-2023-38954

ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...

10AI score0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.30 views

CVE-2023-38958

An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...

5.6AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2023/08/03 12:0 a.m.69 views

CVE-2023-38954

CVE-2023-38954 affects ZKTeco BioAccess IVS v3.3.1. The root cause is improper protection of the SQL query structure, enabling a SQL injection that could be exploited remotely. Documented impact is high (as per CVSS evaluation). There is no publicly documented patch in the provided sources; as a ...

9.8CVSS9.8AI score0.00504EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/03 12:0 a.m.63 views

CVE-2023-38955

ZKTeco BioAccess IVS v3.3.1 is affected by an information-disclosure vulnerability. Unauthenticated attackers can obtain sensitive details of all managed devices (IPs, device names) due to insufficient protection of service data on the web platform. The issue is documented in CVE-2023-38955 with ...

7.5CVSS7.3AI score0.00498EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/03 12:0 a.m.59 views

CVE-2023-38958

The CVE-2023-38958 entry describes an access control flaw in ZKTeco BioAccess IVS v3.3.1. An unauthenticated attacker can remotely close and open doors managed by the platform by sending a crafted web request. Root cause cited across sources is improper access control. Affected component: BioAcce...

5.3CVSS5.3AI score0.00312EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.7 views

ZKTeco BioAccess IVS 安全漏洞

ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. An Access Control Error vulnerability exists in ZKTeco BioAccess IVS v3.3.1, which arises from improper access control and can be exploited by an attacker to arbitrarily close and open the door to the platform...

5.3CVSS6.8AI score0.00312EPSS
Exploits0References3
Rows per page
Query Builder