10 matches found
EUVD-2023-44565
Malicious code in bioql PyPI...
EUVD-2023-44564
Malicious code in bioql PyPI...
EUVD-2023-44568
Malicious code in bioql PyPI...
CVE-2023-3943
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects...
CVE-2023-3942
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances, it enables the...
CVE-2023-3941
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0...
CVE-2023-3940
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others...
PT-2024-4482 · Smartec +1 · Smartec St-Fr041Me +2
Name of the Vulnerable Software and Affected Versions: ZkTeco-based OEM devices version ZAM170-NF-1.8.25-7354-Ver1.0.0 Description: The issue is related to an OS Command Injection vulnerability, which allows for the execution of arbitrary commands. This vulnerability affects ZkTeco-based OEM...
VulnCheck KEV: CVE-2022-42953
Certain ZKTeco products ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210...
CVE-2022-42953
Certain ZKTeco products ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210. The...