Lucene search
K

202 matches found

OSV
OSV
added 2025/04/08 6:15 p.m.2 views

CVE-2025-26644

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally...

5.1CVSS7.3AI score0.00496EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 6:15 p.m.12 views

CVE-2025-26635

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network...

6.5CVSS0.01328EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 6:15 p.m.0 views

CVE-2025-26635

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network...

6.5CVSS7.3AI score0.01328EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 5:23 p.m.26 views

CVE-2025-26644 Windows Hello Spoofing Vulnerability

...

5.1CVSS0.00496EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/08 5:23 p.m.14 views

CVE-2025-26644 Windows Hello Spoofing Vulnerability

...

5.1CVSS7.2AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 5:23 p.m.125 views

CVE-2025-26644

CVE-2025-26644 affects Windows Hello by allowing local spoofing due to inadequate handling of adversarial input perturbations. Microsoft documents a Windows Hello security fix path via monthly updates (e.g., KB5055528 for Windows 11 22621/22631; KB5055519 for older Windows builds) that enforces v...

5.1CVSS7AI score0.00496EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2025/04/08 5:23 p.m.22 views

CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability

...

6.5CVSS0.01328EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 5:23 p.m.108 views

CVE-2025-26635

CVE-2025-26635 describes a Windows Hello security feature bypass caused by weak authentication, enabling an authorized attacker to bypass a security feature over the network. The CVSS 3.1 vector (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N) yields a base score of 6.5 (Medium) with confidentiality and int...

6.5CVSS7.4AI score0.01328EPSS
Exploits0References1Affected Software8
Vulnrichment
Vulnrichment
added 2025/04/08 5:23 p.m.33 views

CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability

...

6.5CVSS7.2AI score0.01328EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.26 views

Windows Hello Spoofing Vulnerability

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally...

5.1CVSS6.8AI score0.00496EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.24 views

Windows Hello Security Feature Bypass Vulnerability

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network...

6.5CVSS7.1AI score0.01328EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15499

Name of the Vulnerable Software and Affected Versions: Windows Hello affected versions not specified Description: The issue concerns an automated recognition mechanism in Windows Hello that fails to adequately detect or handle adversarial input perturbations, allowing an unauthorized attacker to...

5.1CVSS8.4AI score0.00496EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15493 · Microsoft · Windows Shell +1

Name of the Vulnerable Software and Affected Versions: Windows Hello affected versions not specified Description: A security-feature bypass issue exists, allowing an authorized attacker to bypass a security feature. This could potentially affect the system. Recommendations: At the moment, there i...

8.5CVSS6.7AI score0.01328EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.5 views

Microsoft Windows Hello 安全漏洞

Microsoft Windows Hello is a biometric-based login from Microsoft USA that allows you to sign in using your face, fingerprint or PIN. A security vulnerability exists in Microsoft Windows Hello. An attacker could exploit this vulnerability to conduct spoofing attacks. The following products and...

5.1CVSS8.1AI score0.00496EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.7 views

Microsoft Windows Hello 安全漏洞

Microsoft Windows Hello is a more personalized and secure way to sign in to your Windows device. A security feature bypass vulnerability exists in Microsoft Windows Hello, which can be exploited by an attacker to bypass certain features...

6.5CVSS6.7AI score0.01328EPSS
Exploits0References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/08/16 5:24 a.m.11 views

Insights and highlights from DEF CON 32

TL; DR Event Dates : August 8-11, 2024, in Las Vegas. PTP Presentations : Windows Hello : Our Ceri Coburn with Outsider Security's Dirk-Jan Mollema revealed vulnerabilities in biometric authentication. Maritime Security : Paul Brownridge discussed vulnerabilities in maritime systems and...

7.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2024/08/13 7:0 a.m.211 views

June 11, 2024—KB5039227 (OS Build 20348.2527)

June 11, 2024—KB5039227 OS Build 20348.2527 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when n...

9.8CVSS8.4AI score0.81729EPSS
Exploits20
Microsoft Secure
Microsoft Secure
added 2024/05/20 6:0 p.m.23 views

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2024/05/14 7:0 a.m.105 views

May 14, 2024—KB5037768 (OS Builds 19044.4412 and 19045.4412) - EXPIRED

May 14, 2024—KB5037768 OS Builds 19044.4412 and 19045.4412 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. ---...

8.8CVSS7.6AI score0.11471EPSS
Exploits4
Microsoft Secure
Microsoft Secure
added 2024/05/02 1:0 p.m.14 views

Microsoft introduces passkeys for consumer accounts

Ten years ago, Microsoft envisioned a bold future: a world free of passwords. Every year, we celebrate World Password Day by updating you on our progress toward eliminating passwords for good. Today, we’re announcing passkey support for Microsoft consumer accounts, the next step toward our vision...

7.2AI score
Exploits0
Rows per page
Query Builder