9 matches found
EUVD-2020-0397
Malware in sbrugna...
Information Disclosure
HaemmerElectronics.SeppPenner.WindowsHello is vulnerable to information disclosure. Text encrypted using the package that is written to a file can be decrypted by another executable by using the static method NCryptDecrypt from the same library...
CVE-2020-11005
The WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello, before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another...
CVE-2020-11005
The WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello, before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another...
Authentication flaw
The WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello, before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another...
GHSA-WVPV-FFCV-R6CW Internal NCryptDecrypt method could be used externally from WindowsHello library.
Impact Every user of the library before version 1.0.4. Patches Patched in 1.0.4+. Workarounds None. References https://github.com/SeppPenner/WindowsHello/issues/3 For more information It this library is used to encrypt text and write the output to a txt file, another executable could be able to...
Internal NCryptDecrypt method could be used externally from WindowsHello library.
Impact Every user of the library before version 1.0.4. Patches Patched in 1.0.4+. Workarounds None. References https://github.com/SeppPenner/WindowsHello/issues/3 For more information It this library is used to encrypt text and write the output to a txt file, another executable could be able to...
CVE-2020-11005 Internal NCryptDecrypt method could be used externally from WindowsHello library.
The WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello, before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another...
CVE-2020-11005
CVE-2020-11005 affects the WindowsHello open source library (NuGet HaemmerElectronics.SeppPenner.WindowsHello) prior to version 1.0.4. The vulnerability allows encrypted data to be decrypted without authenticating Windows Hello, if text is encrypted and written to a file and another executable us...