85 matches found
Suprema BioStar <2.8.2 - Local File Inclusion
Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion. id: CVE-2020-15050 info: name: Suprema BioStar 2.8.2 - Local File Inclusion author: gy741 severity: high description: Suprema BioStar before 2.8.2 Video Extensio...
CVE-2026-9508
Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...
CVE-2026-9509 Uncaught exception vulnerability in Suprema's BioStar
An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...
CVE-2026-9509
CVE-2026-9509 affects Suprema BioStar 2 Server (versions 2.9.8, 2.9.10, 2.9.11). An unhandled exception triggered by unauthenticated HTTP POST requests to the /api/migration endpoint can cause a denial of service, halting critical processes and leaving the system offline until services or the ser...
CVE-2026-9508
Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...
EUVD-2026-33282
Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...
Suprema BioStar 安全漏洞
Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...
PT-2026-44832
Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...
PT-2026-44833
An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...
CVE-2025-41257
Suprema’s BioStar 2 in version 2.9.11.6 allows users to set new password without providing the current one. Exploiting this flaw combined with other vulnerabilities can lead to unauthorized account access and potential system compromise...
CVE-2025-41257
Suprema BioStar 2 (v2.9.11.6) contains a vulnerability that allows changing a user’s password without providing the current one. This insecure password-change flow could enable unauthorized account access and, in combination with other weaknesses, potential system compromise. The CVE notes a base...
Suprema BioStar 安全漏洞
Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, guest management, and video log maintenance. A security vulnerability exists in the version 2.2.9.11.6 of...
CVE-2022-38351
A vulnerability in Suprema BioStar aka Bio Star 2 v2.8.16 allows attackers to escalate privileges to System Administrator via a crafted PUT request to the update profile page...
EUVD-2023-37528
Malicious code in bioql PyPI...
EUVD-2023-36212
Malicious code in bioql PyPI...
EUVD-2023-30947
Malicious code in bioql PyPI...
EUVD-2022-40941
Malicious code in bioql PyPI...
EUVD-2023-37527
Malicious code in bioql PyPI...
EUVD-2023-37526
Malicious code in bioql PyPI...
EUVD-2023-37529
Malicious code in bioql PyPI...