Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-44569

Malicious code in bioql PyPI...

10CVSS6.8AI score0.00949EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.11 views

CVE-2023-3939

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum possible. This issue affects...

10CVSS7.4AI score0.01324EPSS
Exploits0
NVD
NVD
added 2024/05/21 11:15 a.m.26 views

CVE-2023-3940

Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others...

7.5CVSS7.7AI score0.00775EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/21 9:32 a.m.29 views

CVE-2023-3938 Bypassing ZkTeco-based OEM devices/ZKTeco biometric authentication system via SQLi in QR code

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ZkTeco-based OEM devices allows an attacker to authenticate under any user from the device database. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec...

4.6CVSS5.3AI score0.00432EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.5 views

ZkTeco OEM 路径遍历漏洞

ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. A path traversal vulnerability exists in ZkTeco OEM that originates from allowing an attacker to write to any file on the system with root privileges. The following products and versions are affected: ZkTeco ProFace X, Smartec...

10CVSS7.1AI score0.00917EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.5 views

ZkTeco OEM SQL注入漏洞

ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. ZkTeco OEM suffers from a SQL injection vulnerability that stems from incorrect neutralization of special elements used in SQL commands, allowing an attacker to authenticate under any user in the device database. The following...

4.6CVSS8AI score0.00432EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.5 views

PT-2024-12808 · Zkteco · Zkteco-Based Oem Devices

Name of the Vulnerable Software and Affected Versions: ZKTeco-based OEM devices versions ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly other Standalone service versions 2.1.6-20200907 and possibly others Description: An SQL Injection vulnerability exists in ZKTeco-based OEM devices due to improper...

7.5CVSS8.6AI score0.00581EPSS
Exploits0References9
Rows per page
Query Builder