Lucene search
K

787 matches found

OSV
OSV
added 2026/06/30 9:15 a.m.3 views

SUSE-SU-2026:2697-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...

6.8CVSS6.3AI score0.00296EPSS
Exploits0References10
OSV
OSV
added 2026/06/29 10:57 a.m.5 views

SUSE-SU-2026:2678-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. - CVE-2026-10275: global buffer overflow duri...

6.8CVSS6AI score0.00296EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

SUSE SLES15 Security Update : opensc (SUSE-SU-2026:2657-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2657-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References19
OSV
OSV
added 2026/06/26 12:25 p.m.2 views

SUSE-SU-2026:2657-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
OSV
OSV
added 2026/06/18 9:28 p.m.6 views

MGASA-2026-0224 Updated opensc packages fix security vulnerabilities

CVE-2025-66038 Memory corruption via improper compact-TLV length validation CVE-2025-66215 Stack-buffer-overflow with physical access via crafted smart card or USB device CVE-2025-49010 Stack-buffer-overflow via crafted smart card or USB device responses CVE-2025-66037 Out-of-bounds read via...

6.8CVSS5.3AI score0.00282EPSS
Exploits2References4
OSV
OSV
added 2026/06/15 11:47 a.m.2 views

OPENSUSE-SU-2026:20967-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

6.8CVSS5.9AI score0.00282EPSS
Exploits2References8
OSV
OSV
added 2026/06/15 11:42 a.m.3 views

SUSE-SU-2026:22126-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

6.8CVSS5.3AI score0.00282EPSS
Exploits2References9
OSV
OSV
added 2026/06/15 11:42 a.m.4 views

SUSE-SU-2026:22114-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

6.8CVSS5.2AI score0.00282EPSS
Exploits2References9
RedhatCVE
RedhatCVE
added 2026/06/08 2:59 p.m.7 views

CVE-2026-40510

A flaw was found in OpenSC. A physically present attacker can exploit a stack buffer overflow vulnerability in the pivprocesshistory function by presenting a specially crafted Personal Identity Verification PIV smart card or USB device. This can lead to memory corruption within the system,...

6.8CVSS5.5AI score0.00216EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/04 5:49 p.m.17 views

epa4all-client: Unauthenticated REST API for Patient Record Writes

Impact Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g., following the production Docker example in the README, this is exploitable from the local network without...

6.5CVSS5.9AI score0.00162EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

OpenSC 安全漏洞

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.26.1 contain security vulnerabilities. These vulnerabilities stem from a mistake in the function testkpgencertwrite in the Key Generation Module component of the pkcs11-tool. This mistake ma...

5.1CVSS5.9AI score0.00296EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in the pkcs15-init tool in OpenSC. An attacker could use a specially crafted USB Device or Smart Card, which would send a specially crafted response to APDUs to the system. When buffers are partially filled with data, the initialized parts of the buffer can be...

3.9CVSS6.7AI score0.00293EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in opensc

The gemsafe GPK smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the scpkcs15emugemsafeGPKinit function...

5.5CVSS7AI score0.00401EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in opensc

A stack overflow vulnerability exists in the OpenSC smart card middleware before version 0.23, due to improper responses to APDUs...

7.5CVSS6.2AI score0.01144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in opensc

The TCOS smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in tcosdecipher...

5.5CVSS7.1AI score0.00398EPSS
Exploits0References1
Fedora
Fedora
added 2026/04/25 1:53 a.m.8 views

[SECURITY] Fedora 44 Update: opensc-0.27.1-1.fc44

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the PKCS11 API so...

6.8CVSS5.2AI score0.00282EPSS
Exploits2
NVD
NVD
added 2026/04/23 1:16 p.m.6 views

CVE-2025-13763

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

5.7CVSS0.00176EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/23 12:27 p.m.5 views

EUVD-2025-209564

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

5.7CVSS5.7AI score0.00176EPSS
Exploits0References4
OSV
OSV
added 2026/04/23 12:27 p.m.2 views

CVE-2025-13763 Libopensc: opensc: multiple uses of uninitialized variable

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

5.7CVSS5.9AI score0.00176EPSS
Exploits0References7
Rows per page
Query Builder