5 matches found
CVE-2019-18619
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave all versions prior to 2019-11-15 allows a local user to execute arbitrary code in the enclave that can compromise confidentiality of enclave data via APIs that accept invalid pointers...
CVE-2019-13603
An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...
Code injection
An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...
CVE-2019-13603
An issue was discovered in the HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combinatio...
CVE-2019-13603
The CVE-2019-13603 entry concerns HID Global DigitalPersona U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. The root cause is a statically coded initialization vector used to encrypt a user’s fingerprint image, yielding weak encryption. In combination with access to an...