1453 matches found
SUSE SLED15 / SLES15 Security Update : opensc (SUSE-SU-2026:2697-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2697-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart ca...
SUSE-SU-2026:2697-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...
SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...
SUSE SLES15 Security Update : opensc (SUSE-SU-2026:2657-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2657-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device...
SUSE-SU-2026:2657-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...
MGASA-2026-0231 Updated opensc packages fix security vulnerabilities
These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...
Linux Distros Unpatched Vulnerability : CVE-2026-40510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows...
Astra Linux – Vulnerability in opensc
The Oberthur smart card software driver in OpenSC before version 0.21.0-rc1 has a heap-based buffer overflow in the scoberthurreadfile function...
Astra Linux – Vulnerability in opensc
Heap buffer overflow issues were identified in Opensc before version 0.22.0 in the pkcs15-oberthur.c file, which could potentially cause programs using the library to crash...
Astra Linux – Vulnerability in opensc
A vulnerability related to the “return issue” was discovered in Opensc before version 0.22.0. This vulnerability exists in the “insertpin” function, and it could potentially cause programs using the library to crash...
Astra Linux – Vulnerability in opensc
The gemsafe GPK smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the scpkcs15emugemsafeGPKinit function...
CVE-2026-10275
A flaw was found in OpenSC, specifically within the pkcs11-tool Key Generation Module. This vulnerability, located in the testkpgencertwrite function, is a buffer overflow that can be triggered remotely. A remote attacker could exploit this flaw, potentially leading to information disclosure, dat...
SUSE-SU-2026:22114-1 Security update for opensc
This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...
SUSE-SU-2026:22126-1 Security update for opensc
This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...
opensc-0.27.1-2.1 on GA media (moderate)
opensc-0.27.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:11022-1 Rating: moderate Cross-References: CVE-2026-10275 CVE-2026-40528 CVSS scores: CVE-2026-10275 SUSE : 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-10275 SUSE : 7.3...
OPENSUSE-SU-2026:11022-1 opensc-0.27.1-2.1 on GA media
These are all security issues fixed in the opensc-0.27.1-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-40510
A flaw was found in OpenSC. A physically present attacker can exploit a stack buffer overflow vulnerability in the pivprocesshistory function by presenting a specially crafted Personal Identity Verification PIV smart card or USB device. This can lead to memory corruption within the system,...
CVE-2026-40528
A flaw was found in OpenSC. A local attacker can exploit this vulnerability by supplying a specially crafted profile configuration file to the pkcs15-init utility. This can lead to a stack and heap buffer overrun, allowing the attacker to corrupt memory. This memory corruption could potentially...
OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow
...
SUSE CVE-2026-10275
A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...