8 matches found
Microsoft Windows Hello 安全漏洞
Microsoft Windows Hello is a biometric-based login from Microsoft Corporation USA that allows you to sign in using your face, fingerprint or PIN. A security vulnerability exists in Microsoft Windows Hello that stems from an attacker's ability to bypass certain features by exploiting the...
Microsoft Windows Hello 安全漏洞
Microsoft Windows Hello is a biometric-based login from Microsoft USA that allows you to sign in using your face, fingerprint or PIN. A security vulnerability exists in Microsoft Windows Hello. An attacker could exploit this vulnerability to conduct spoofing attacks. The following products and...
WordPress Biometric Login for WooCommerce Plugin < 1.0.4 is vulnerable to Privilege Escalation
Software Biometric Login for WooCommerce Type Plugin Vulnerable versions 1.0.4 Fixed in 1.0.4 OWASP Top 10 A2: Broken Authentication Classification Privilege Escalation CVE N/A Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 23f90f576a47 Credits Alexander Concha Required...
Biometric Login for WooCommerce < 1.0.4 - Unauthenticated Privilege Escalation
Description The plugin does not validate that a user's WebAuthn authentication request succeeded before sending them authentication cookies, making it possible for unauthenticated attackers to take over any accounts having WebAuthn credentials set up on affected sites. PoC While on the site not...
Biometric Login for WooCommerce < 1.0.4 - Unauthenticated Privilege Escalation
Description The plugin does not validate that a user's WebAuthn authentication request succeeded before sending them authentication cookies, making it possible for unauthenticated attackers to take over any accounts having WebAuthn credentials set up on affected sites. While on the site not logge...
Microsoft Windows Hello 安全漏洞
Microsoft Windows Hello is a biometric-based login from Microsoft Corporation USA that allows you to sign in using your face, fingerprint or PIN. A security vulnerability exists in Microsoft Windows Hello. The following products and editions are affected: Windows 10 Version 20H2 for x64-based...
Samsung Pass Access Authentication Error Vulnerability (CNVD-2025-02720)
Samsung Pass is a secure and easy way to log in to websites and applications on your cell phone using biometrics from Samsung South Korea. An Access Authentication Error vulnerability exists in versions prior to Samsung Pass 3.0.02.4, which stems from a lack of proper authentication logic in...
Microsoft Windows Hello 安全特征问题漏洞
Microsoft Windows Hello is a biometric-based login from Microsoft Corporation USA that allows you to sign in using your face, fingerprint or PIN. Microsoft Windows Hello is vulnerable to a security signature issue. The following products and editions are affected: Windows 10 Version 1809 for 32-b...