Lucene search
+L

53 matches found

Cvelist
Cvelist
added 2024/09/03 9:21 p.m.38 views

CVE-2024-45620 Libopensc: incorrect handling of the length of buffers or files in pkcs15init

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

3.9CVSS0.00293EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/09/03 9:21 p.m.18 views

CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

3.9CVSS4AI score0.00293EPSS
Exploits0
Cvelist
Cvelist
added 2024/09/03 9:21 p.m.37 views

CVE-2024-45619 Libopensc: incorrect handling length of buffers or files in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

4.3CVSS0.003EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/03 9:21 p.m.19 views

CVE-2024-45619 Libopensc: incorrect handling length of buffers or files in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

4.3CVSS6.9AI score0.003EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/09/03 9:21 p.m.13 views

CVE-2024-45619

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

4.3CVSS6.1AI score0.003EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/09/03 9:21 p.m.17 views

CVE-2024-45618

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

3.9CVSS5.9AI score0.00287EPSS
Exploits0
CVE
CVE
added 2024/09/03 9:21 p.m.101 views

CVE-2024-45618

CVE-2024-45618 affects OpenSC’s pkcs15-init component. The issue arises from insufficient or missing checking of return values, which can cause use of uninitialized variables after APDU responses from crafted USB devices or smart cards. Multiple connected advisories document the same core problem...

3.9CVSS3.9AI score0.00287EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/09/03 9:21 p.m.54 views

CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

3.9CVSS0.00287EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/09/03 9:21 p.m.16 views

CVE-2024-45618

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

3.9CVSS3.9AI score0.00287EPSS
Exploits0
Cvelist
Cvelist
added 2024/09/03 9:20 p.m.33 views

CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9CVSS0.00302EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/03 9:20 p.m.24 views

CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9CVSS6.7AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2024/09/03 9:20 p.m.21 views

CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9CVSS6.6AI score0.00302EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/09/03 9:20 p.m.20 views

CVE-2024-45616

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

3.9CVSS6.3AI score0.00355EPSS
Exploits0
CVE
CVE
added 2024/09/03 9:20 p.m.93 views

CVE-2024-45616

CVE-2024-45616 affects OpenSC and related components (OpenSC tools, PKCS#11 module, minidriver, CTK). The root cause is insufficient control of the response APDU buffer and its length when communicating with a smart card or USB device, which can lead to information leakage or instability. The vul...

3.9CVSS4.2AI score0.00355EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2024/09/03 9:19 p.m.103 views

CVE-2024-45615

CVE-2024-45615 affects OpenSC and related components (OpenSC tools, PKCS#11 module, minidriver, CTK). Root cause: uninitialized variables in OpenSC/libopensc and pkcs15init. Documented impact is limited to information disclosure/crash risks per CVSS 3.1 base score 3.9 (LOW); exploitation status n...

3.9CVSS4AI score0.00355EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.31 views

Fedora 38 : opensc (2024-b92d44f141)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.33 views

Fedora 39 : opensc (2024-6460a03e29)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6460a03e29 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2024/02/14 9:33 p.m.34 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS7AI score0.00422EPSS
Exploits0References5
NVD
NVD
added 2024/02/12 11:15 p.m.16 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.2AI score0.00422EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2024/02/12 11:15 p.m.32 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.7AI score0.00422EPSS
Exploits0References3
Rows per page
Query Builder