Vulnerabilities > Thalesgroup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-20 | CVE-2021-42808 | Unspecified vulnerability in Thalesgroup Sentinel Protection Installer 7.7.0 Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges. | 6.7 |
| 2021-12-20 | CVE-2021-42809 | Improper Control of Dynamically-Managed Code Resources vulnerability in Thalesgroup Sentinel Protection Installer 7.7.0 Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection Installer could allow the execution of arbitrary code. | 7.8 |
| 2021-06-16 | CVE-2021-32928 | Unspecified vulnerability in Thalesgroup Sentinel LDK Run-Time Environment 7.6 The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. | 9.8 |
| 2021-06-16 | CVE-2021-28979 | Injection vulnerability in Thalesgroup Safenet Keysecure 8.12.0 SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. | 6.5 |
| 2020-08-21 | CVE-2020-15858 | Path Traversal vulnerability in Thalesgroup products Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by physically proximate attackers. | 6.4 |
| 2019-10-03 | CVE-2019-15809 | Information Exposure Through Discrepancy vulnerability in multiple products Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. | 4.7 |