Linux Distros Unpatched Vulnerability : CVE-2026-10275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key...

DEBIAN-CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

EUVD-2026-33680

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

PT-2026-45451

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.26.2 Description A buffer overflow occurs in the pkcs11-tool Key Generation Module within the test kpgen certwrite function of the src/tools/pkcs11-tool.c file. This issue allows for remote attacks, although the...

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

EUVD-2026-33320

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

Astra Linux – Vulnerability in opensc

Heap buffer overflow issues were identified in Opensc before version 0.22.0 in the pkcs15-oberthur.c file, which could potentially cause programs using the library to crash...

Astra Linux - уязвимость в opensc

The Oberthur smart card software driver in OpenSC before version 0.21.0-rc1 has a heap-based buffer overflow in the scoberthurreadfile function...

Astra Linux - уязвимость в opensc

A vulnerability related to the “return issue” was discovered in Opensc before version 0.22.0. This vulnerability exists in the “insertpin” function, and it could potentially cause programs using the library to crash...

Astra Linux – Vulnerability in opensc

OpenSC before version 0.20.0 has a double-free issue in coolkeyfreeprivatedata, because the coolkeyaddobject function in libopensc/card-coolkey.c lacks a uniqueness check...

Astra Linux – Vulnerability in opensc

Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. An attacker could use a specially crafted USB device or smart card, causing the system to send specially crafted APDUs. Insufficient or missing checks on the return values of functions lead to...

Astra Linux – Vulnerability in opensc

A heap usage issue after a free operation was detected in Opensc before version 0.22.0 in scfilevalid...

Astra Linux – Vulnerability in opensc

A issue was discovered in OpenSC between versions 0.19.0 and 0.20.x, as well as in versions 0.20.0-rc3. There is an incorrect read operation in the code for libopensc/card-setcos.c during the parsing of a SETCOS file attribute...

Linux Distros Unpatched Vulnerability : CVE-2025-13763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB...

Linux Distros Unpatched Vulnerability : CVE-2025-66215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or...

MiracleLinux 8 : opensc-0.20.0-8.el8_9 (AXSA:2024-7554:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7554:03 advisory. OpenSC: Side-channel leaks while stripping encryption PKCS1 padding CVE-2023-5992 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : opensc-0.20.0-6.el8 (AXSA:2023-7249:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7249:02 advisory. opensc: buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage CVE-2023-2977 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : opensc-0.23.0-4.el9_3 (AXSA:2024-7558:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7558:04 advisory. OpenSC: Side-channel leaks while stripping encryption PKCS1 padding CVE-2023-5992 Tenable has extracted the preceding description block directly from the...

TencentOS Server 3: opensc (TSSA-2024:0084)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0084 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...