CLSA-2026-1778674879 opensc: Fix of CVE-2024-45619

CVE-2024-45619: fix incorrect access of initialized parts of partially filled buffers triggered by crafted APDU responses from USB devices or smart cards...

EUVD-2021-26890

Malware in sbrugna...

EUVD-2017-2678

Malware in sbrugna...

EUVD-2017-2693

Malware in sbrugna...

EUVD-2017-8918

Malware in sbrugna...

EUVD-2024-41540

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: opensc (CVE-2024-45619)

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45619 advisory. - A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use...

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool...

CVE-2018-11949

Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD...

CVE-2025-21591 Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to crash

A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service DoS...

Linux Distros Unpatched Vulnerability : CVE-2024-45620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a...

CVE-2020-16101

It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166MR3, v8.10 prior to v8.10.1211MR5, v8.00 prior to v8.00.1228MR6, all versions of 7.90 and earlier...

CVE-2024-57802

CVE-2024-57802 concerns the Linux kernel netrom path. The issue arises when sending raw messages through ieee802154, where nr_route_frame may read uninitialized data due to not validating the skb buffer length. The root cause is a missing skb->len check before accessing skb->data in nr_rout...

CVE-2025-22134

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...

CVE-2025-22134 heap-buffer-overflow with visual mode in Vim < 9.1.1003

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...

PT-2022-25518 · Samsung · Samsung Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A Buffer Access with Incorrect Length Value issue in the TEE CipherUpdate function allows a trusted application to trigger a Denial of Service DoS by invoking the function TEE CipherUpdat...