117 matches found
EUVD-2023-58259
Malicious code in bioql PyPI...
Advisory ROSA-SA-2025-3013
software: openscap 1.4.2 OS: ROSA-CHROME unaffected versions = openscap-1.4.2-2 affected versions openscap-1.4.2-2 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc library of the OpenSC smart...
Linux Distros Unpatched Vulnerability : CVE-2018-16427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially cras...
Linux Distros Unpatched Vulnerability : CVE-2018-16392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several buffer overflows when handling responses from a TCOS Card in tcosselectfile in libopensc/card- tcos.c in OpenSC before 0.19.0-rc1 could be used by...
Linux Distros Unpatched Vulnerability : CVE-2023-40660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operation...
Linux Distros Unpatched Vulnerability : CVE-2018-16421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several buffer overflows when handling responses from a CAC Card in cacgetserialnrfromCUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opensc (SUSE-SU-2025:02754-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02754-1 advisory. - CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS1 padding bsc1219386. Tenable h...
CBL Mariner 2.0 Security Update: opensc (CVE-2023-40661)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40661 advisory. - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollme...
CVE-2023-40661 affecting package opensc for versions less than 0.23.0-5
CVE-2023-40661 affecting package opensc for versions less than 0.23.0-5. A patched version of the package is available...
CVE-2024-45619 affecting package opensc for versions less than 0.23.0-5
CVE-2024-45619 affecting package opensc for versions less than 0.23.0-5. A patched version of the package is available...
CVE-2019-16058
An issue was discovered in the pamp11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme...
CVE-2013-1866
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability...
Alibaba Cloud Linux 3 : 0001: opensc (ALINUX3-SA-2024:0001)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0001 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-2977: A vulnerbility was found in OpenSC...
CVE-2024-1454 affecting package opensc for versions less than 0.23.0-4
CVE-2024-1454 affecting package opensc for versions less than 0.23.0-4. A patched version of the package is available...
CVE-2023-40660 affecting package opensc for versions less than 0.23.0-4
CVE-2023-40660 affecting package opensc for versions less than 0.23.0-4. A patched version of the package is available...
CBL Mariner 2.0 Security Update: opensc (CVE-2024-1454)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...
CBL Mariner 2.0 Security Update: opensc (CVE-2023-40660)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40660 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by...
Advisory ROSA-SA-2025-2729
Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 packageevrstring: opensc-0.20.0-8.rv30 CVE-ID: CVE-2023-2977 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in OpenSC causes a buffer overflow in the pkcs15 cardoshaveverifyrcpackage function, allowing an attacker to cause a processing...
Azure Linux 3.0 Security Update: opensc (CVE-2023-5992)
The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5992 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channe...
CBL Mariner 2.0 Security Update: opensc (CVE-2023-5992)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5992 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channe...