CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-17206

Malicious code in bioql PyPI...

3.4CVSS5.2AI score0.00422EPSS

Exploits0References7

Tenable Nessus•added 2025/03/03 12:0 a.m.•6 views

Azure Linux 3.0 Security Update: opensc (CVE-2024-1454)

The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...

3.4CVSS5.9AI score0.00422EPSS

Exploits0References2

AstraLinux•added 2025/02/11 7:35 a.m.•2 views

Astra Linux – Vulnerability in opensc

The “use-after-free” vulnerability was identified in the AuthentIC driver within the OpenSC package. It occurs during the card enrollment process, specifically when using the pkcs15-init function. An attacker must have physical access to the computer system and must use a specially crafted USB...

3.4CVSS6.4AI score0.00422EPSS

Exploits0References3

Microsoft CVE•added 2024/06/30 2:0 p.m.•3 views

Opensc: memory use after free in authentic driver when updating token info

...

3.4CVSS6AI score0.00422EPSS

Exploits0

BDU FSTEC•added 2024/04/25 12:0 a.m.•5 views

The vulnerability of the AuthentIC driver for software tools and libraries used to work with OpenSC smart cards allows a perpetrator to compromise card management operations.

The vulnerability of the AuthentIC driver for software tools and libraries used to work with OpenSC smart cards is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise card management operations...

4.5CVSS6.4AI score0.00422EPSS

Exploits0References12Affected Software4

Redos•added 2024/04/22 12:0 a.m.•20 views

ROS-20240422-01

Vulnerability in the OpenSC smart card software toolkit and libraries is related to a bug in the AuthentIC driver and occurs during card registration using pkcs15-init. a bug in the AuthentIC driver and occurs during the card registration process using pkcs15-init, when a user or administrator...

3.4CVSS7.1AI score0.00422EPSS

Exploits0

Tenable Nessus•added 2024/04/03 12:0 a.m.•30 views

Amazon Linux 2023 : opensc (ALAS2023-2024-580)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-580 advisory. A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issue may result in the potential leak of private data...

5.9CVSS5.7AI score0.01156EPSS

Exploits1References6

Amazon•added 2024/04/02 12:0 a.m.•5 views

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages...

5.9CVSS6.1AI score0.01156EPSS

Exploits1

Tenable Nessus•added 2024/03/15 12:0 a.m.•33 views

Fedora 39 : opensc (2024-6460a03e29)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6460a03e29 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS

Exploits1References3

Tenable Nessus•added 2024/03/15 12:0 a.m.•30 views

Fedora 38 : opensc (2024-b92d44f141)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS

Exploits1References3

RedhatCVE•added 2024/02/14 9:33 p.m.•33 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS7AI score0.00422EPSS

Exploits0References5