CVE-2024-23592

MEDIUM Year: 2024
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-358
View all →

Vulnerability Description

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication.

Related Vulnerabilities

CVE-2018-20934

MEDIUM
CVSS:6.5(Medium)

cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned accounts (SEC-411).

CWE-3582018

CVE-2020-1761

MEDIUM
CVSS:6.1(Medium)

A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS att...

CWE-3582020

CVE-2023-28601

MEDIUM
CVSS:6.5(Medium)

Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory buffe...

CWE-3582023

CVE-2024-5500

MEDIUM
CVSS:6.5(Medium)

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

CWE-3582024

CVE-2016-8635

MEDIUM
CVSS:5.9(Medium)

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining th...

CWE-3582016

CVE-2018-16857

MEDIUM
CVSS:5.9(Medium)

Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch fo...

CWE-3582018