9 matches found
EUVD-2022-43750
Malicious code in bioql PyPI...
EUVD-2024-35334
Malicious code in bioql PyPI...
EUVD-2024-35336
Malicious code in bioql PyPI...
CVE-2024-35430
In ZKTeco ZKBio CVSecurity v6.1.1R and earlier (fixed in 6.1.3R), an authenticated user can bypass password checks while exporting data from the application...
CVE-2024-35431
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1...
PT-2024-37308 · Zkteco · Zkteco Zkbio Cvsecurity V5000
Name of the Vulnerable Software and Affected Versions: ZKTeco ZKBio CVSecurity V5000 version 4.1.0 Description: A vulnerability was found in the Department Section component, where the manipulation of the Department Name argument leads to cross-site scripting. The attack can be launched remotely...
PT-2024-37309 · Zkteco · Zkbio Cvsecurity V5000
Name of the Vulnerable Software and Affected Versions: ZKTeco ZKBio CVSecurity V5000 version 4.1.0 Description: A vulnerability was found in the component Summer Schedule Handler. The manipulation of the Schedule Name argument leads to cross-site scripting. The attack may be launched remotely. Th...
CVE-2024-35431
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1...
PT-2024-19634 · Zkteco · Zkteco Zkbio Wdms
Name of the Vulnerable Software and Affected Versions: zkteco zkbio WDMS version 8.0.5 Description: An issue in the software allows an attacker to execute arbitrary code via the "/files/backup/" component. Recommendations: For zkteco zkbio WDMS version 8.0.5, consider restricting access to the...