20 matches found
EUVD-2024-17206
Malicious code in bioql PyPI...
Azure Linux 3.0 Security Update: opensc (CVE-2024-1454)
The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...
CBL Mariner 2.0 Security Update: opensc (CVE-2024-1454)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1454 advisory. - The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card...
Astra Linux – Vulnerability in opensc
The “use-after-free” vulnerability was identified in the AuthentIC driver within the OpenSC package. It occurs during the card enrollment process, specifically when using the pkcs15-init function. An attacker must have physical access to the computer system and must use a specially crafted USB...
Fedora 40 : opensc (2024-3dbc3e8105)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3dbc3e8105 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...
Fedora 38 : opensc (2024-b92d44f141)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...
Fedora 39 : opensc (2024-6460a03e29)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6460a03e29 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
SUSE CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
DEBIAN-CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
Design/Logic Flaw
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
CVE-2024-1454 concerns the OpenSC AuthentIC driver: a use-after-free during card enrolment (pkcs15-init) that can enable manipulation of card management operations when an attacker has physical access and can present crafted APDU responses. The issue is limited to the enrolment process and requir...
CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
PT-2024-3057 · Opensc +3 · Opensc +3
Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: The issue is related to a use-after-free vulnerability found in the AuthentIC driver of OpenSC packages. This vulnerability occurs during the card enrolment process using pkcs15-init when a...