← Back

Synel

synel

8 CVEs • 46 products

Products (46)

Click to collapse
Toggle
Eharmony
eharmony
3 CVEs
Synergy/a Firmware
synergy/a_firmware
3 CVEs
Sy 780/a Time & Attendance Terminal
sy-780/a_time_&_attendance_terminal
1 CVE
Eharmonynew
eharmonynew
1 CVE
Synel Reports
synel_reports
1 CVE
Synergy Touch Firmware
synergy_touch_firmware
1 CVE
Synergy 10 Firmware
synergy_10_firmware
1 CVE
Synergy 5 Firmware
synergy_5_firmware
1 CVE
Sy 910 Firmware
sy-910_firmware
1 CVE
Synergy/x Firmware
synergy/x_firmware
1 CVE
Sy110 Face Firmware
sy110_face_firmware
1 CVE
Bioentry W2 Firmware
bioentry-w2_firmware
1 CVE
Biolite N2 Firmware
biolite-n2_firmware
1 CVE
Bioentry P2 Firmware
bioentry_p2_firmware
1 CVE
Sy 711 Firmware
sy-711_firmware
1 CVE
Sy 715 Firmware
sy-715_firmware
1 CVE
Sy 751 Firmware
sy-751_firmware
1 CVE
Sy 755 Firmware
sy-755_firmware
1 CVE
Sy 777 Firmware
sy-777_firmware
1 CVE
Sy 785 Firmware
sy-785_firmware
1 CVE
Sy 765 Firmware
sy-765_firmware
1 CVE
Sy 7500 Firmware
sy-7500_firmware
1 CVE
Sy 745 Firmware
sy-745_firmware
1 CVE
Sy 780 Firmware
sy-780_firmware
1 CVE
Synergy Firmware
synergy_firmware
1 CVE
Synergy/a
synergy/a
0 CVEs
Synergy Touch
synergy_touch
0 CVEs
Synergy 10
synergy_10
0 CVEs
Synergy 5
synergy_5
0 CVEs
Sy 910
sy-910
0 CVEs
Synergy/x
synergy/x
0 CVEs
Sy110 Face
sy110_face
0 CVEs
Bioentry W2
bioentry-w2
0 CVEs
Biolite N2
biolite-n2
0 CVEs
Bioentry P2
bioentry_p2
0 CVEs
Sy 711
sy-711
0 CVEs
Sy 715
sy-715
0 CVEs
Sy 751
sy-751
0 CVEs
Sy 755
sy-755
0 CVEs
Sy 777
sy-777
0 CVEs
Sy 785
sy-785
0 CVEs
Sy 765
sy-765
0 CVEs
Sy 7500
sy-7500
0 CVEs
Sy 745
sy-745
0 CVEs
Sy 780
sy-780
0 CVEs
Synergy
synergy
0 CVEs

CVEs (8)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-37220
1Synel
21Bioentry W2 Firmware
Bioentry P2 FirmwareBiolite N2 Firmware+18 more
Jun 17, 2026
Sep 3, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Synel Terminals - CWE-494: Download of Code Without Integrity Check
CVE-2023-37213
1Synel
1Synergy/a Firmware
Jun 17, 2026
Jul 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'
CVE-2023-32227
1Synel
1Synergy/a Firmware
Jun 17, 2026
Jul 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
CVE-2022-36778
1Synel
1Eharmony
Jun 17, 2026
Sep 13, 2022
N/A· v4
5.4 MEDIUM· v3
N/A· v2
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
CVE-2022-22791
1Synel
1Eharmony
Jun 17, 2026
Jan 28, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system.
CVE-2022-22790
1Synel
1Eharmony
Jun 17, 2026
Jan 28, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root...Show more
SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root directory and open the host file. The path exposes sensitive files that users uploadShow less
CVE-2021-36718
1Synel
2Eharmonynew
Synel Reports
Jun 17, 2026
Dec 8, 2021
N/A· v4
6.5 MEDIUM· v3
6.8 MEDIUM· v2
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The...Show more
SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11. Default credentials , Security miscommunication , Sensetive data exposure vulnerability in Synel Reports of SYNEL eharmonynew, Synel Reports allows an attacker to log into the system with default credentials. This issue affects: SYNEL eharmonynew, Synel Reports 8.0.2 version 11 and prior versions.Show less
CVE-2012-2970
1Synel
1Sy 780/a Time & Attendance Terminal
Apr 29, 2026
Jul 9, 2012
N/A· v4
N/A· v3
7.8 HIGH· v2
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735.