CVE-2019-18232

SafeNet Sentinel LDK License Manager, all versions prior to 7.101only Microsoft Windows versions are affected is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading...

Gemalto SafeNet Sentinel LDK License Manager Backlink Vulnerability

SafeNet Sentinel LDK License Manager is a license manager. A backlink vulnerability exists in Gemalto SafeNet Sentinel LDK License Manager. The vulnerability arises from a network system or product that does not properly filter the filenames of links or shortcuts that represent unintended...

Thales DIS SafeNet Sentinel LDK License Manager Runtime

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Thales DIS Equipment: SafeNet Sentinel LDK License Manager Runtime Vulnerability: Link Following 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to escalate privileges. 3...

CVE-2019-15809

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private...

CVE-2019-15809

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private...

Design/Logic Flaw

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private...

CVE-2019-15809

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private...

ICONICS GENESIS (32 & 64) Vulnerabilities

OVERVIEW This advisory is a follow-up to ICS-ALERT-11-080-02 ICONICS GENESIS 32 & 64 Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent security researcher has published 13 vulnerabilities with proof of concept PoC code for the ICONICS GENESIS32 and GENESIS64...

Gemalto SafeNet Authentication Service Windows Logon Agent elevation of privilege vulnerability (CNVD-2018-04633)

Gemalto SafeNet Authentication Service Windows Logon Agent is a SafeNet Authentication Service Windows Logon Agent from Gemalto USA. A security vulnerability exists in the Gemalto SafeNet Authentication Service Windows Logon Agent that stems from the program's use of weak access control lists for...

Gemalto SafeNet Authentication Service for Outlook Web App Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service for Outlook Web App Agent is a SafeNet Authentication Service agent for Outlook applications from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for Outlook Web App Agent, which stems from the program's use of weak...

Gemalto SafeNet Authentication Service TokenValidator Proxy Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service TokenValidator Proxy Agent is a proxy program from Gemalto USA. The program implements proxy authentication requests from other proxies to the SAS. A security vulnerability exists in the Gemalto SafeNet Authentication Service TokenValidator Proxy Agent that...

Gemalto SafeNet Authentication Service for AD FS Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service for AD FS Agent is a federated authentication service agent from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for AD FS Agent, which stems from the program's use of weak access control lists for installation...

Gemalto SafeNet Authentication Service IIS Agent Elevation of Privilege Vulnerability

The Gemalto SafeNet Authentication Service IIS Agent is a Gemalto agent that provides two-factor authentication for systems running Microsoft Internet Information Services IIS including Outlook Web Access, the mail client component. The security vulnerability in the Gemalto SafeNet Authentication...

Gemalto SafeNet Authentication Service for NPS Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service for NPS Agent is a network access policy agent from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for NPS Agent due to the program's use of weak access control lists for installation directories and executable modules...

Gemalto SafeNet Authentication Service for Citrix Web Interface Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service for Citrix Web Interface Agent is a SafeNet Authentication Service Agent for Citrix Web Interface from Gemalto, Inc. A security vulnerability exists in Gemalto SafeNet Authentication Service for Citrix Web Interface Agent, which stems from the program's use ...

Gemalto SafeNet Authentication Service Windows Logon Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service Windows Logon Agent is a SafeNet Authentication Service Windows Logon Agent from Gemalto USA. A security vulnerability exists in the Gemalto SafeNet Authentication Service Windows Logon Agent that stems from the program's use of weak access control lists for...

Gemalto SafeNet Authentication Service End User Software Tools for Windows Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service End User Software Tools for Windows is a Windows-based SafeNet Authentication Service tool from Gemalto USA. A security vulnerability exists in SafeNet Authentication Service End User Software Tools for Windows that stems from the program's use of weak acces...

Authentication flaw

SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...

CVE-2015-7962

SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...

Code injection

SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965...