CVSS: 9.8EPSS: 0%CPEs: 42EXPL: 0CVE-2023-37220 – Synel Terminals - CWE-494: Download of Code Without Integrity Check
https://notcve.org/view.php?id=CVE-2023-37220
Synel Terminals - CWE-494: Download of Code Without Integrity Check Synel Terminals - CWE-494: Descarga de código sin comprobación de integridad. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-494: Download of Code Without Integrity Check •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-37213 – Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'
https://notcve.org/view.php?id=CVE-2023-37213
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32227 – Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
https://notcve.org/view.php?id=CVE-2023-32227
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36778 – Synel - eHarmony Stored XSS
https://notcve.org/view.php?id=CVE-2022-36778
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. insertar código HTML / js dentro de la entrada how para llegar a la entrada vulnerable : Workers > worker nickname > inyectar en esta entrada el código • https://www.gov.il/en/departments/faq/cve_advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22791 – SYNEL - eharmony Authenticated Blind & Stored XSS
https://notcve.org/view.php?id=CVE-2022-22791
SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system. SYNEL - eharmony presenta una vulnerabilidad de tipo XSS Autenticado, Ciego y Almacenado. Una inyección de código JS en el campo "comments" podría conllevar un potencial robo de cookies, carga de etiquetas HTML y código JS en el sistema • https://www.gov.il/en/departments/faq/cve_advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •