9 matches found
CVE-2026-40510
A flaw was found in OpenSC. A physically present attacker can exploit a stack buffer overflow vulnerability in the pivprocesshistory function by presenting a specially crafted Personal Identity Verification PIV smart card or USB device. This can lead to memory corruption within the system,...
EUVD-2022-25912
Malicious code in bioql PyPI...
US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID
For several years, Microsoft has been helping United States federal and state government groups, including military departments and civilian agencies, transition to a Zero Trust security model. Advanced features in Microsoft Entra ID have helped these organizations meet requirements to employ...
CVE-2022-20662
A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matched with the authenticating user. An attacke...
CVE-2022-20662 Cisco Duo for macOS Authentication Bypass Vulnerability
A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matched with the authenticating user. An attacke...
Cisco Duo 授权问题漏洞
Cisco Duo is a fully managed solution from Cisco, Inc. Provides secure access to your applications and data. Cisco Duo suffers from an authorization issue vulnerability that stems from a failure to properly match the smart card's designated user to an authenticated user, which can be exploited by...
Gallagher Command Centre 安全漏洞
Gallagher Command Centre Server is a management system used by Gallagher New Zealand to monitor and manage infrastructure in buildings. Gallagher Command Centre Server has a security vulnerability that could be exploited by attackers to bypass PIV authentication...
USN-4276-1 Yubico PIV Tool vulnerabilities
It was discovered that libykpiv, a supporting library of the Yubico PIV Tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker with a custom-made, malicious USB device could potentially execute arbitrary code on a computer running the Yubico PIV Tool or Yubikey PIV Manager...
October 10, 2017—KB4041676 (OS Build 15063.674)
October 10, 2017—KB4041676 OS Build 15063.674 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where some UWP and Centennial apps show a gray icon and display the error...