Synel
Products
6- 4 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-32227 | Cri | 0.64 | 9.8 | 0.01 | Jul 30, 2023 | Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials | ||
| CVE-2023-37213 | Hig | 0.57 | 8.8 | 0.01 | Jul 30, 2023 | Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' | ||
| CVE-2023-37220 | Hig | 0.47 | 7.2 | 0.00 | Sep 3, 2023 | Synel Terminals - CWE-494: Download of Code Without Integrity Check | ||
| CVE-2022-36778 | Med | 0.42 | 6.5 | 0.00 | Sep 13, 2022 | insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. | ||
| CVE-2022-34768 | Med | 0.42 | 6.5 | 0.00 | Aug 5, 2022 | insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. | ||
| CVE-2021-36718 | Med | 0.40 | 6.1 | 0.01 | Dec 8, 2021 | SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11.… | ||
| CVE-2022-22790 | Med | 0.36 | 5.6 | 0.01 | Jan 28, 2022 | SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root directory and open the host file. The path exposes… | ||
| CVE-2012-2970 | 0.00 | — | 0.01 | Jul 9, 2012 | The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735. |
- risk 0.64cvss 9.8epss 0.01
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
- risk 0.57cvss 8.8epss 0.01
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'
- risk 0.47cvss 7.2epss 0.00
Synel Terminals - CWE-494: Download of Code Without Integrity Check
- risk 0.42cvss 6.5epss 0.00
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
- risk 0.42cvss 6.5epss 0.00
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
- risk 0.40cvss 6.1epss 0.01
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11.…
- risk 0.36cvss 5.6epss 0.01
SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root directory and open the host file. The path exposes…
- CVE-2012-2970Jul 9, 2012risk 0.00cvss —epss 0.01
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735.