Vendor
Gemalto
Products
5
CVEs
7
Across products
9
Status
Private
Products
5- 5 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-12822 | Cri | 0.64 | 9.9 | 0.00 | Oct 4, 2017 | Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors. | |
| CVE-2017-12821 | Cri | 0.64 | 9.8 | 0.03 | Oct 4, 2017 | Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution. | |
| CVE-2017-12819 | Cri | 0.64 | 9.8 | 0.00 | Oct 4, 2017 | Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. | |
| CVE-2017-6953 | Hig | 0.54 | 7.8 | 0.00 | May 8, 2017 | Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflow with SEH Overwrite via long "Register a new card" input fields. There may be a risk of local code execution with untrusted input to SmartDiag.exe or SymDiag.exe. | |
| CVE-2017-12820 | Hig | 0.49 | 7.5 | 0.01 | Oct 4, 2017 | Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | |
| CVE-2017-12818 | Hig | 0.49 | 7.5 | 0.01 | Oct 4, 2017 | Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. | |
| CVE-2015-5464 | 0.00 | — | 0.00 | Jul 22, 2015 | The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition. |