24 matches found
EUVD-2020-24681
Malware in sbrugna...
EUVD-2025-12152
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-16421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by...
NIH BRICS 14.0.0-67 Predictable Tokens
NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens that depend on username, time, and the fixed 7Dl9#dj- string and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, includin...
CVE-2025-27580
NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens that depend on username, time, and the fixed 7Dl9#dj- string and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, includin...
CVE-2025-27580
CVE-2025-27580 affects NIH BRICS (Biomedical Research Informatics Computing System) up to version 14.0.0-67. The issue is that token generation is predictable, depending on the user’s username, time, and a fixed string (7Dl9#dj-), which enables unauthenticated users with a CAC to escalate privile...
Cisco Firepower Management Center Software Common Access Card Authentication Bypass (cisco-sa-fmc-cacauthbyp-NCLGZm3Q)
According to its self-reported version, Cisco Firepower Management Center (FMC) Software is affected by a vulnerability in the Common Access Card (CAC) authentication feature that could allow an unauthenticated, remote attacker to bypass authentication and access the F...
The vulnerability of the authentication function of Cisco Firepower Management Center’s network management software allows a perpetrator to bypass the authentication process and gain access to the FMC system.
The vulnerability of the Common Access Card authentication function in Cisco Firepower Management Center FMC software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to the FMC...
opensc: Improper handling of buffer limits for CAC certificates
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...
CVE-2020-3410
A vulnerability in the Common Access Card CAC authentication feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The...
Authentication flaw
A vulnerability in the Common Access Card CAC authentication feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The...
CVE-2020-3410
CVE-2020-3410 affects Cisco Firepower Management Center (FMC) Software CAC authentication: vulnerability in session invalidation that allows an unauthenticated, remote attacker with a valid CAC to bypass authentication and access FMC with the privileges of a CAC-authenticated user currently logge...
Cisco Firepower Management Center Software Common Access Card Authentication Bypass Vulnerability
A vulnerability in the Common Access Card CAC authentication feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The...
PT-2020-4465 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center (FMC) Software (affected versions not specified). Description: A vulnerability in the Common Access Card (CAC) authentication feature could allow an unauthenticated, remote attacker to bypass authentication and acce...
UBUNTU-CVE-2019-19481
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...
ALBA-2019:3785 libcacard bug fix and enhancement update
The libcacard packages contain the Common Access Card CAC emulation library. This update fixes the following bug: Backport the patch removing key caching to unbreak libcacard for CI usage BZ1750477. Users of libcacard are advised to upgrade to these updated packages, which fix this bug...
libcacard bug fix and enhancement update
The libcacard packages contain the Common Access Card CAC emulation library. This update fixes the following bug: Backport the patch removing key caching to unbreak libcacard for CI usage BZ1750477. Users of libcacard are advised to upgrade to these updated packages, which fix this bug...