Lucene search
K

45 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-6664

Malware in sbrugna...

4.6CVSS5.6AI score0.00445EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-6663

Malware in sbrugna...

7.2CVSS6.4AI score0.00486EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.27 views

Ubuntu 16.04 ESM : Yubico PIV Tool vulnerabilities (USN-4846-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4846-1 advisory. It was discovered that libykpiv, a supporting library of the Yubico PIV tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker wit...

7.2CVSS6.7AI score0.00486EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.5 views

SUSE CVE-2018-14780

An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivfetchobject: % highlight c % ifsw == SWSUCCESS sizet outlen; int offs = ykpivgetlengthdata + 1, &outlen; ifoffs == 0 return YKPIVSIZEERROR;...

2.2CVSS7.2AI score0.00445EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-14779

A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivtransferdata: % highlight c % ifoutlen + recvlen - 2 maxout fprintfstderr, "Output buffer to small, wanted to write %lu, max was %lu.", outlen +...

7.1CVSS7.6AI score0.00486EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.18 views

Ubuntu: Security Advisory (USN-4846-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.6AI score0.00486EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2019:1123-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.6AI score0.00486EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/03/15 10:30 p.m.29 views

USN-4846-1: Yubico PIV Tool vulnerabilities

It was discovered that libykpiv, a supporting library of the Yubico PIV tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker with a custom-made, malicious USB device could potentially execute arbitrary code on a computer running the Yubico PIV Tool or Yubikey PIV Manager...

7.2CVSS6.2AI score0.00486EPSS
Exploits1
Debian CVE
Debian CVE
added 2020/07/09 5:50 p.m.20 views

CVE-2020-13131

An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will...

4.3CVSS1.7AI score0.00492EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/02/12 12:0 a.m.25 views

Ubuntu 18.04 LTS : Yubico PIV Tool vulnerabilities (USN-4276-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4276-1 advisory. It was discovered that libykpiv, a supporting library of the Yubico PIV Tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker wit...

7.2CVSS6.7AI score0.00486EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/02/12 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-4276-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.6AI score0.00486EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2020/02/11 2:52 p.m.94 views

USN-4276-1: Yubico PIV Tool vulnerabilities

It was discovered that libykpiv, a supporting library of the Yubico PIV Tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker with a custom-made, malicious USB device could potentially execute arbitrary code on a computer running the Yubico PIV Tool or Yubikey PIV Manager...

7.2CVSS6.2AI score0.00486EPSS
Exploits1
OpenVAS
OpenVAS
added 2019/05/09 12:0 a.m.28 views

openSUSE: Security Advisory for yubico-piv-tool (openSUSE-SU-2019:1341-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS5.6AI score0.00486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/09 12:0 a.m.22 views

openSUSE Security Update : yubico-piv-tool (openSUSE-2019-1341)

This update for yubico-piv-tool fixes the following issues : Security issues fixed : - Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. CVE-2018-14779, bsc1104809, YSA-2018-03 - Fixed an buffer overflow and an out of...

7.2CVSS6.1AI score0.00486EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2019/05/08 12:0 a.m.203 views

Security update for yubico-piv-tool (low)

openSUSE Security Update: Security update for yubico-piv-tool Announcement ID: openSUSE-SU-2019:1341-1 Rating: low References: 1104809 1104811 Cross-References: CVE-2018-14779 CVE-2018-14780 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available...

7.2CVSS6.4AI score0.00486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.32 views

SUSE SLED15 / SLES15 Security Update : yubico-piv-tool (SUSE-SU-2019:1123-1)

This update for yubico-piv-tool fixes the following issues : Security issues fixed : Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. CVE-2018-14779, bsc1104809, YSA-2018-03 Fixed an buffer overflow and an out of bounds...

7.2CVSS6.1AI score0.00486EPSS
Exploits1References7
OSV
OSV
added 2019/04/30 4:4 p.m.5 views

SUSE-SU-2019:1123-1 Security update for yubico-piv-tool

This update for yubico-piv-tool fixes the following issues: Security issues fixed: - Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. CVE-2018-14779, bsc1104809, YSA-2018-03 - Fixed an buffer overflow and an out of boun...

7.2CVSS5.8AI score0.00486EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.7 views

Fedora 28 : yubico-piv-tool (2018-15da5380b5)

New upstream release fixing YSA-2018-03 1613863 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/09/06 12:0 a.m.18 views

openSUSE: Security Advisory for yubico-piv-tool (openSUSE-SU-2018:2623-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS5.6AI score0.00486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/09/06 12:0 a.m.23 views

openSUSE Security Update : yubico-piv-tool (openSUSE-2018-969)

This update for yubico-piv-tool fixes the following issues : Security issues fixed : - CVE-2018-14779: Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. boo1104809, YSA-2018-03 - CVE-2018-14780: Fixed an buffer overflow...

7.2CVSS6.1AI score0.00486EPSS
Exploits1References4
Rows per page
Query Builder