599 matches found
CVE-2025-68712
SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...
CVE-2025-68712
SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...
CVE-2025-68712
SpSoft AppLock (com.sp.protector.free) v7.9.40 for Android is affected. A local attacker with physical access can bypass fingerprint/PIN due to a custom overlay that does not consistently enforce authentication. Cascading interface flows and exposed routes via ads or browser intents allow exiting...
CVE-2025-68712
SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...
CVE-2025-68712
SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...
Biometrics, diagnoses, and bank details exposed in major healthcare breach
NYC Health + Hospitals NYC H+H posted a data breach notice about a months‑long breach via a third‑party vendor that exposed highly sensitive patient and employee data for at least 1.8 million people, including medical records, government IDs, geolocation data, and even fingerprint and palm‑print...
YouTube wants your face to fight deepfakes
If you're worried about deepfake likenesses of yourself showing up online, you're not alone; YouTube is worried for you. It wants to protect you by having you upload a selfie video and government ID to its site. The idea is that the video giant will use its own AI to patrol the service for fake...
Breaking things to keep them safe with Philippe Laulheret
In the latest Humans of Talos, Amy sits down with Senior Vulnerability Researcher Philippe Laulheret to demystify the world of ethical hacking. Philippe shares his unique journey from French engineering school to the front lines of cybersecurity, explaining how his lifelong love for solving puzzl...
Anviz CX7和Anviz CX2 Lite 安全漏洞
Both Anviz CX7 and Anviz CX2 Lite are products of the American company Anviz. The Anviz CX7 is a smart terminal device integrated with biometric identification and access control functions. The Anviz CX2 Lite is also a smart terminal device that integrates face recognition and access control...
CVE-2026-32088
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
EUVD-2026-22524
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-32088
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-32088 Windows Biometric Service Security Feature Bypass Vulnerability
...
CVE-2026-32088
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-32088
CVE-2026-32088 describes a security feature bypass in the Windows Biometric Service. Affected component: Windows Biometric Framework service on Windows. The underlying root cause is not explicitly detailed in the provided documents. CVSS metrics indicate an attacker with physical access can explo...
CVE-2026-32088 Windows Biometric Service Security Feature Bypass Vulnerability
...
Windows Biometric Service Security Feature Bypass Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
Microsoft Windows 竞争条件问题漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Biometric Service has a vulnerability that can lead to competitive conditions. Attackers can exploit this vulnerability to bypass certain features. The following products and...
PT-2026-32814
CVE-2026-32088 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a s… https://t.co/RESeqOUtu9...
CVE-2026-35455
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...