Lucene search
K

202 matches found

Microsoft KB
Microsoft KB
added 2024/04/09 7:0 a.m.98 views

April 9, 2024—KB5036894 (OS Build 22000.2899)

April 9, 2024—KB5036894 OS Build 22000.2899 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page. Note Follow @WindowsUpdate to find out...

8.8CVSS7.4AI score0.45151EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2024/04/09 7:0 a.m.256 views

April 9, 2024—KB5036909 (OS Build 20348.2402)

April 9, 2024—KB5036909 OS Build 20348.2402 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when n...

8.8CVSS9.2AI score0.62576EPSS
Exploits6
NVD
NVD
added 2024/04/05 9:15 p.m.12 views

CVE-2024-23592

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication...

6.3CVSS6.3AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2024/04/05 8:46 p.m.65 views

CVE-2024-23592

CVE-2024-23592 describes an authentication bypass in Lenovo devices equipped with Synaptics fingerprint readers, enabling an attacker with physical access to replay fingerprints and bypass Windows Hello authentication. The vulnerability arises in the fingerprint authentication mechanism and could...

6.3CVSS6.8AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/05 8:46 p.m.17 views

CVE-2024-23592

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication...

6.3CVSS6.5AI score0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/05 8:46 p.m.13 views

CVE-2024-23592

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication...

6.3CVSS7AI score0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.5 views

PT-2024-19953 · Synaptics +2 · Synaptics Fingerprint Readers +2

Name of the Vulnerable Software and Affected Versions: Lenovo devices with Synaptics fingerprint readers affected versions not specified Description: An authentication bypass issue was reported in Lenovo devices with Synaptics fingerprint readers. This could allow an attacker with physical access...

6.3CVSS7AI score0.0025EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/05 12:0 a.m.5 views

Lenovo Fingerprint Reader 安全漏洞

Lenovo Fingerprint Reader is a fingerprint recognition module from the Chinese company Lenovo Lenovo. A security vulnerability exists in Lenovo Fingerprint Reader that originates from allowing bypassing Windows Hello authentication...

6.3CVSS6.7AI score0.0025EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2024/03/26 12:0 a.m.7 views

March 26, 2024—KB5035941 (OS Build 19045.4239) Preview

March 26, 2024—KB5035941 OS Build 19045.4239 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

6.9AI score
Exploits0
Lenovo
Lenovo
added 2024/03/12 4:32 p.m.9 views

Fingerprint Reader Vulnerabilities - Lenovo Support US

No description provided...

7.3AI score
Exploits0
NVD
NVD
added 2024/01/12 2:15 a.m.24 views

CVE-2024-0454

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

6.1CVSS6.1AI score0.00253EPSS
Exploits0References2
OSV
OSV
added 2024/01/12 2:15 a.m.2 views

CVE-2024-0454

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

6.1CVSS5.7AI score0.00253EPSS
Exploits0References2
Prion
Prion
added 2024/01/12 2:15 a.m.16 views

Design/Logic Flaw

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

3.6CVSS7.1AI score0.00253EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/12 1:48 a.m.10 views

CVE-2024-0454 Security Vulnerability on Match-on-Chip FPR Architecture

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

6CVSS6.9AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/12 1:48 a.m.52 views

CVE-2024-0454 Security Vulnerability on Match-on-Chip FPR Architecture

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

6CVSS6.5AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2024/01/12 1:48 a.m.46 views

CVE-2024-0454

The CVE-2024-0454 issue affects Dell EMC ELAN Match-on-Chip FPR solutions, where a design fault can cause valid SID leakage and enumeration with a spoof sensor, enabling bypass of Windows Hello by cloning the SID to break account identity on the Dell Inspiron platform. Documented affected version...

6.1CVSS6.2AI score0.00253EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/12 12:0 a.m.5 views

PT-2024-15573 · Microsoft +1 · Windows Shell +1

Name of the Vulnerable Software and Affected Versions: ELAN Match-on-Chip FPR solution versions prior to 3.0.12011.08009 Legacy ELAN Match-on-Chip FPR solution versions prior to 3.3.12011.08103 ESS Description: The ELAN Match-on-Chip FPR solution has a design fault that poses a potential risk of...

6.1CVSS6.2AI score0.00253EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.3 views

Dell EMC ELAN Match-on-Chip FPR solution Security Vulnerability

The Dell EMC ELAN Match-on-Chip FPR solution is an on-chip match-on-chip FPR solution from Dell USA. A security vulnerability exists in previous versions of the Dell EMC ELAN Match-on-Chip FPR solution 3.0.12011.08009 Legacy/3.3.12011.08103 ESS, which stems from a SID leakage vulnerability that c...

6.1CVSS6.7AI score0.00253EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/12/09 10:15 p.m.2 views

CVE-2023-50430

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol SDCP when enrolling via Linux, and accepts an unauthenticated configuration packet to select the Windows template database, which allows bypass of Windows Hello...

6.4CVSS6.6AI score0.00412EPSS
Exploits1References2
NVD
NVD
added 2023/12/09 10:15 p.m.34 views

CVE-2023-50430

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol SDCP when enrolling via Linux, and accepts an unauthenticated configuration packet to select the Windows template database, which allows bypass of Windows Hello...

6.4CVSS0.00412EPSS
Exploits1References1
Rows per page
Query Builder