81 matches found
EUVD-2021-1454
Malware in sbrugna...
TencentOS Server 4: opensc (TSSA-2024:0441)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0441 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2020-1454
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint...
CVE-2014-1454
Pearson eSIS Enterprise Student Information System message board has stored XSS due to improper validation of user input...
CVE-2015-1454
Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software...
CVE-2025-1454
creationtimestamp| type| source ---|---|--- 2025-05-16 20:34:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16751...
CVE-2024-1454 affecting package opensc for versions less than 0.23.0-4
CVE-2024-1454 affecting package opensc for versions less than 0.23.0-4. A patched version of the package is available...
CBL Mariner 2.0 Security Update: opensc (CVE-2024-1454)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...
Azure Linux 3.0 Security Update: opensc (CVE-2024-1454)
The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...
CVE-2020-1454
creationtimestamp| type| source ---|---|--- 2025-03-02 11:46:28+00:00| seen| Telegram/ONHX8H-JYqoess1g6awHNDtH8ae3ZtDSX8i6i6J5HTLcP7...
OpenSC Multiple Vulnerabilities (Jan 2025) - Windows
OpenSC is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:opensc-project:opensc"; if descripti...
Advisory ROSA-SA-2025-2581
software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-4 CVE-ID: CVE-2024-1454 BDU-ID: 2024-03243 CVE-Crit: LOW CVE-DESC.: A vulnerability in the AuthentIC driver of the OpenSC smart card software toolkit and libraries is related to memory usage after it has been freed...
CVE-2024-1454 affecting package opensc for versions less than 0.25.1-3
CVE-2024-1454 affecting package opensc for versions less than 0.25.1-3. An upgraded version of the package is available that resolves this issue...
Fedora 40 : opensc (2024-3dbc3e8105)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3dbc3e8105 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...
Fedora 38 : opensc (2024-b92d44f141)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...
CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
CVE-2024-1454 concerns the OpenSC AuthentIC driver: a use-after-free during card enrolment (pkcs15-init) that can enable manipulation of card management operations when an attacker has physical access and can present crafted APDU responses. The issue is limited to the enrolment process and requir...
Cisco NX-OS Border Gateway Protocol Denial of Service (CVE-2016-1454)
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service device reload by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and...
Exploit for SQL Injection in Jeecg Jeecg-Boot
CVE-2023-1454 Jeecg-Boot-qurestSql-SQLvuln jmreport/qurestSq...