Lucene search
K

53 matches found

UbuntuCve
UbuntuCve
added 2024/02/12 11:15 p.m.32 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.7AI score0.00422EPSS
Exploits0References3
CVE
CVE
added 2024/02/12 10:29 p.m.87 views

CVE-2024-1454

CVE-2024-1454 concerns the OpenSC AuthentIC driver: a use-after-free during card enrolment (pkcs15-init) that can enable manipulation of card management operations when an attacker has physical access and can present crafted APDU responses. The issue is limited to the enrolment process and requir...

3.4CVSS3.7AI score0.00422EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2024/02/12 10:29 p.m.19 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.4AI score0.00422EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/02/12 10:29 p.m.33 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.2AI score0.00422EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/12 10:29 p.m.25 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS3.5AI score0.00422EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/02/12 10:29 p.m.21 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.3AI score0.00422EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/12/19 9:58 a.m.3 views

OpenSC: multiple memory issues with pkcs15-init (enrollment tool)

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

6.4CVSS5.8AI score0.01174EPSS
Exploits0References7
Prion
Prion
added 2023/11/06 5:15 p.m.24 views

Input validation

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

4.1CVSS6.9AI score0.01174EPSS
Exploits0References11Affected Software2
CVE
CVE
added 2023/11/06 4:58 p.m.434 views

CVE-2023-40661

Summary: CVE-2023-40661 affects the OpenSC project, specifically the enrollment tooling pkcs15-init. The issue consists of multiple memory-related vulnerabilities reported by dynamic analysis during the card enrollment process, where a locally present attacker with physical access could manipulat...

6.4CVSS6AI score0.01174EPSS
Exploits0References12Affected Software1
RedhatCVE
RedhatCVE
added 2023/08/30 7:15 a.m.32 views

CVE-2021-34193

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...

7.1AI score0.02675EPSS
Exploits0References3
OSV
OSV
added 2023/08/22 7:16 p.m.27 views

CVE-2021-34193

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...

7.5CVSS7.3AI score
Exploits0References13
NVD
NVD
added 2023/08/22 7:16 p.m.17 views

CVE-2021-34193

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...

7.5CVSS7.5AI score0.01144EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.16 views

CVE-2021-34193

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...

7.5CVSS6.8AI score0.01144EPSS
Exploits0References14
Rows per page
Query Builder