Vulnerabilities > Gemalto > High

DATE CVE VULNERABILITY TITLE RISK
2019-12-11 CVE-2019-18232 Link Following vulnerability in Gemalto Sentinel LDK License Manager
SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service.
local
low complexity
gemalto CWE-59
7.8
2019-06-05 CVE-2019-9156 OS Command Injection vulnerability in Gemalto Ezio DS3 Server 2.6.1
Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection.
low complexity
gemalto CWE-78
8.0
2019-04-11 CVE-2019-6534 Uncontrolled Search Path Element vulnerability in Gemalto Sentinel Ultrapro Client Library 1.3.0/1.3.1/1.3.2
The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.
local
low complexity
gemalto CWE-427
7.8
2018-08-18 CVE-2018-15492 Asymmetric Resource Consumption (Amplification) vulnerability in Gemalto Sentinel License Manager 8.5.3.2403/8.5.3.35
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
network
low complexity
gemalto CWE-405
7.5
2018-03-13 CVE-2018-6305 Unspecified vulnerability in Gemalto Sentinel LDK RTE
Denial of service in Gemalto's Sentinel LDK RTE version before 7.65
network
low complexity
gemalto
7.5
2018-03-13 CVE-2018-6304 Out-of-bounds Write vulnerability in Gemalto Sentinel LDK RTE
Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service
network
low complexity
gemalto CWE-787
7.5
2018-03-02 CVE-2015-7967 Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for Citrix web Interface Agent
SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
local
low complexity
gemalto CWE-264
7.8
2018-03-02 CVE-2015-7966 Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Windows Logon Agent
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965.
local
low complexity
gemalto CWE-264
7.8
2018-03-02 CVE-2015-7965 Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Windows Logon Agent
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966.
local
low complexity
gemalto CWE-264
7.8
2018-03-02 CVE-2015-7964 Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for NPS Agent
SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
local
low complexity
gemalto CWE-264
7.8