gemalto CVE Vulnerabilities & Metrics

Focus on gemalto vulnerabilities and metrics.

Last updated: 16 Apr 2025, 22:25 UTC

About gemalto Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with gemalto. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total gemalto CVEs: 26
Earliest CVE date: 22 Jul 2015, 10:59 UTC
Latest CVE date: 11 Dec 2019, 23:15 UTC

Latest CVE reference: CVE-2019-18232

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical gemalto CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 4.62

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	4
4.0-6.9	20
7.0-8.9	2
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS gemalto CVEs

These are the five CVEs with the highest CVSS scores for gemalto, sorted by severity first and recency.

CVE-2017-11497 gemalto Published on 03 Oct 2017, 01:29 UTC (CVSS: 7.5)
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters.
CVE-2017-11496 gemalto Published on 03 Oct 2017, 01:29 UTC (CVSS: 7.5)
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.
CVE-2019-6534 gemalto Published on 11 Apr 2019, 21:29 UTC (CVSS: 6.8)
The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.
CVE-2019-9156 gemalto Published on 05 Jun 2019, 19:29 UTC (CVSS: 5.2)
Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection.
CVE-2018-15492 gemalto Published on 18 Aug 2018, 02:29 UTC (CVSS: 5.0)
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.

All CVEs for gemalto

CVE-2019-18232 gemalto vulnerability CVSS: 4.6 11 Dec 2019, 23:15 UTC

SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading to a privilege escalation. This vulnerability could also be used by an attacker to execute a malicious DLL, which could impact the integrity and availability of the system.

CVE-2019-8283 gemalto vulnerability CVSS: 4.3 07 Jun 2019, 15:29 UTC

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. This allows malicious javascript to steal it.

CVE-2019-8282 gemalto vulnerability CVSS: 2.6 07 Jun 2019, 15:29 UTC

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one.

CVE-2019-9158 gemalto vulnerability CVSS: 2.7 05 Jun 2019, 19:29 UTC

Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control.

CVE-2019-9157 gemalto vulnerability CVSS: 2.7 05 Jun 2019, 19:29 UTC

Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure.

CVE-2019-9156 gemalto vulnerability CVSS: 5.2 05 Jun 2019, 19:29 UTC

Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injection.

CVE-2019-6534 gemalto vulnerability CVSS: 6.8 11 Apr 2019, 21:29 UTC

The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.

CVE-2018-15492 gemalto vulnerability CVSS: 5.0 18 Aug 2018, 02:29 UTC

A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.

CVE-2018-8900 gemalto vulnerability CVSS: 4.3 02 May 2018, 21:29 UTC

The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability.

CVE-2018-6305 gemalto vulnerability CVSS: 5.0 13 Mar 2018, 17:29 UTC

Denial of service in Gemalto's Sentinel LDK RTE version before 7.65

CVE-2018-6304 gemalto vulnerability CVSS: 5.0 13 Mar 2018, 17:29 UTC

Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service

CVE-2015-7967 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7966 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965.

CVE-2015-7965 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

CVE-2015-7964 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7963 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service for AD FS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7962 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7961 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7598 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7597 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2015-7596 gemalto vulnerability CVSS: 4.6 02 Mar 2018, 22:29 UTC

SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

CVE-2017-11498 gemalto vulnerability CVSS: 5.0 03 Oct 2017, 01:29 UTC

Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files.

CVE-2017-11497 gemalto vulnerability CVSS: 7.5 03 Oct 2017, 01:29 UTC

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters.

CVE-2017-11496 gemalto vulnerability CVSS: 7.5 03 Oct 2017, 01:29 UTC

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.

CVE-2017-6953 gemalto vulnerability CVSS: 4.6 08 May 2017, 17:29 UTC

Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflow with SEH Overwrite via long "Register a new card" input fields. There may be a risk of local code execution with untrusted input to SmartDiag.exe or SymDiag.exe.

CVE-2015-5464 gemalto vulnerability CVSS: 1.3 22 Jul 2015, 10:59 UTC

The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.