Lucene search
K

11 matches found

redhat
redhat
added 2019/08/06 12:30 p.m.4 views

opensc: Buffer overflows handling responses from Gemsafe V1 Smartcards in pkcs15-gemsafeV1.c:gemsafe_get_cert_len()

Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified...

6.8CVSS6AI score0.00645EPSS
Exploits1References5
redhatcve
redhatcve
added 2018/09/12 6:22 a.m.28 views

CVE-2018-16425

A double free when handling responses from an HSM Card in scpkcs15emuschsminit in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.6CVSS3.5AI score0.0066EPSS
Exploits1References2
osv
osv
added 2018/09/04 12:29 a.m.2 views

DEBIAN-CVE-2018-16426

Endless recursion when handling responses from an IAS-ECC card in iaseccselectfile in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs...

4.3CVSS6.8AI score0.00592EPSS
Exploits1References1
nvd
nvd
added 2018/09/04 12:29 a.m.16 views

CVE-2018-16425

A double free when handling responses from an HSM Card in scpkcs15emuschsminit in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.6CVSS6.9AI score0.0066EPSS
Exploits1References4
osv
osv
added 2018/09/04 12:29 a.m.4 views

UBUNTU-CVE-2018-16422

A single byte buffer overflow when handling responses from an esteid Card in scpkcs15emuesteidinit in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified othe...

6.6CVSS6.7AI score0.00692EPSS
Exploits1References4
nvd
nvd
added 2018/09/04 12:29 a.m.22 views

CVE-2018-16421

Several buffer overflows when handling responses from a CAC Card in cacgetserialnrfromCUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.6CVSS7AI score0.00692EPSS
Exploits1References5
cnvd
cnvd
added 2018/09/04 12:0 a.m.2 views

OpenSC Out-of-Bounds Read Vulnerability

OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. OpenSC prior to 0.19.0-rc1 suffers from an out-of-bounds read vulnerability when processing responses. An attacker could exploit this vulnerability to cause the opensc library...

4.3CVSS5.8AI score0.00493EPSS
Exploits0References1
cnvd
cnvd
added 2018/09/04 12:0 a.m.21 views

OpenSC Double Release Vulnerability (CNVD-2019-28619)

OpenSC is an open source smart card tool and middleware. A double-release vulnerability exists in the 'readfile' function of the tools/egk-tool.c file in versions prior to OpenSC 0.19.0-rc1. An attacker can exploit this vulnerability to cause a denial of service application crash with the help of...

6.6CVSS6.3AI score0.00654EPSS
Exploits1References1
cvelist
cvelist
added 2018/09/03 2:0 p.m.16 views

CVE-2018-16393

Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified...

6.9AI score0.00645EPSS
Exploits1References5
debiancve
debiancve
added 2018/09/03 2:0 p.m.13 views

CVE-2018-16392

Several buffer overflows when handling responses from a TCOS Card in tcosselectfile in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.8CVSS7.4AI score0.00645EPSS
Exploits1
alpinelinux
alpinelinux
added 2018/09/03 2:0 p.m.26 views

CVE-2018-16391

Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.8CVSS7AI score0.00671EPSS
Exploits1
Rows per page
Query Builder