21 matches found
Astra Linux - уязвимость в opensc
A stack overflow vulnerability exists in the OpenSC smart card middleware before version 0.23, due to improper responses to APDUs...
SUSE CVE-2025-49010
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...
CVE-2025-49010
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...
EUVD-2023-54390
Malicious code in bioql PyPI...
EUVD-2024-17206
Malicious code in bioql PyPI...
Astra Linux – Vulnerability in opensc
A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTKs. An attacker could use a specially crafted USB device or smart card, which would send a specially crafted response to APDUs to the system. When buffers are partially filled with data, the initialized...
Astra Linux – Vulnerability in opensc
A vulnerability was discovered in the pkcs15-init function in OpenSC. An attacker could use a specially crafted USB Device or Smart Card, causing the system to send a specially crafted response to APDUs. Insufficient or missing checks on the return values of functions lead to unexpected behavior...
Amazon Linux 2 : opensc (ALAS-2024-2709)
The version of opensc installed on the remote host is prior to 0.19.0-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2709 advisory. It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and...
Low: opensc
Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...
OpenSC 安全漏洞
OpenSC is an open source smart card tool and middleware from OpenSC Open Source. A security vulnerability exists in OpenSC, which stems from the presence of a heap-based buffer overflow vulnerability, where a well-designed USB device or smart card responding maliciously to APDUs could result in...
DEBIAN-CVE-2024-45617
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...
DEBIAN-CVE-2024-45620
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...
AZL-48817 CVE-2024-45620 affecting package opensc 0.23.0-5
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...
UBUNTU-CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535 Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.
...
UBUNTU-CVE-2021-34193
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...