Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-17206

Malicious code in bioql PyPI...

3.4CVSS5.2AI score0.00422EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.6 views

Azure Linux 3.0 Security Update: opensc (CVE-2024-1454)

The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...

3.4CVSS5.9AI score0.00422EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.7 views

CBL Mariner 2.0 Security Update: opensc (CVE-2024-1454)

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...

3.4CVSS5.9AI score0.00422EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in opensc

The “use-after-free” vulnerability was identified in the AuthentIC driver within the OpenSC package. It occurs during the card enrollment process, specifically when using the pkcs15-init function. An attacker must have physical access to the computer system and must use a specially crafted USB...

3.4CVSS6.4AI score0.00422EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.17 views

Fedora 40 : opensc (2024-3dbc3e8105)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3dbc3e8105 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.31 views

Fedora 38 : opensc (2024-b92d44f141)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.33 views

Fedora 39 : opensc (2024-6460a03e29)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6460a03e29 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

5.9CVSS6AI score0.01156EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2024/02/14 9:33 p.m.34 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS7AI score0.00422EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/02/14 3:56 a.m.2 views

SUSE CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

4.5CVSS6.2AI score0.00422EPSS
Exploits0References3
NVD
NVD
added 2024/02/12 11:15 p.m.16 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.2AI score0.00422EPSS
Exploits0References8
OSV
OSV
added 2024/02/12 11:15 p.m.1 views

DEBIAN-CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS5.7AI score0.00422EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/02/12 11:15 p.m.32 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.7AI score0.00422EPSS
Exploits0References3
Prion
Prion
added 2024/02/12 11:15 p.m.16 views

Design/Logic Flaw

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

2.6CVSS6.9AI score0.00422EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/02/12 10:29 p.m.8 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.4AI score0.00422EPSS
Exploits0References4
CVE
CVE
added 2024/02/12 10:29 p.m.87 views

CVE-2024-1454

CVE-2024-1454 concerns the OpenSC AuthentIC driver: a use-after-free during card enrolment (pkcs15-init) that can enable manipulation of card management operations when an attacker has physical access and can present crafted APDU responses. The issue is limited to the enrolment process and requir...

3.4CVSS3.7AI score0.00422EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2024/02/12 10:29 p.m.36 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.2AI score0.00422EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/12 10:29 p.m.25 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS3.5AI score0.00422EPSS
Exploits0
OSV
OSV
added 2024/02/12 10:29 p.m.19 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.4AI score0.00422EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2024/02/12 10:29 p.m.21 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.3AI score0.00422EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/02/12 12:0 a.m.3 views

PT-2024-3057 · Opensc +3 · Opensc +3

Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: The issue is related to a use-after-free vulnerability found in the AuthentIC driver of OpenSC packages. This vulnerability occurs during the card enrolment process using pkcs15-init when a...

7.5CVSS5.1AI score0.02805EPSS
Exploits1References70
Rows per page
Query Builder