36 matches found
Astra Linux – Vulnerability in opensc
OpenSC before version 0.20.0 has a double-free issue in coolkeyfreeprivatedata, because the coolkeyaddobject function in libopensc/card-coolkey.c lacks a uniqueness check...
OSV-2026-824 Stack-buffer-overflow in coolkey_rsa_op
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517058311 Crash type: Stack-buffer-overflow READ Crash state: coolkeyrsaop coolkeycomputecrypt sccomputesignature...
PT-2026-47227
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517058311 Crash type: Stack-buffer-overflow READ Crash state: coolkey rsa op coolkey compute crypt sc compute signature...
EUVD-2019-11329
Malware in sbrugna...
EUVD-2007-4113
Malware in sbrugna...
RHSA-2007:0631 Red Hat Security Advisory: coolkey security and bug fix update
Bulletin has no description...
OPENSUSE-SU-2024:10555-1 coolkey-1.1.0-150.1 on GA media
These are all security issues fixed in the coolkey-1.1.0-150.1 package on the GA media of openSUSE Tumbleweed...
Oracle Linux 5 : coolkey (ELSA-2007-0631)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-0631 advisory. 1.1.0-5 - 1777 is not octal and does not set the correct bits should be 01777 1.1.0-4 - fix cache location to be more secure 1.1.0-3 - replace the install stuff...
SUSE CVE-2007-4129
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory...
SUSE CVE-2019-20792
OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...
opensc: Double free in coolkey_free_private_data in libopensc/card-coolkey.c
A use-after-free vulnerability was discovered in OpenSC while disconnecting a smart card. This flaw allows a physical attacker to exploit this vulnerability by inserting and removing a malicious smart card, handled by the coolkey driver, that could potentially execute code on the target system,...
CVE-2019-20792
A use-after-free vulnerability was discovered in OpenSC while disconnecting a smart card. This flaw allows a physical attacker to exploit this vulnerability by inserting and removing a malicious smart card, handled by the coolkey driver, that could potentially execute code on the target system,...
DEBIAN-CVE-2019-20792
OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...
CVE-2019-20792
OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...
CVE-2019-20792
OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...
UBUNTU-CVE-2019-20792
OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...
CVE-2019-20792
OpenSC before 0.20.0 has a double free in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c lacks a uniqueness check...
CVE-2019-20792
OpenSC = 0.20.0 (or apply vendor-specific patches as listed in advisories). If exploiting details are not provided in the documents, no exploitation specifics are described here.
OpenSC Resource Management Error Vulnerability
OpenSC is an open source smart card tool and middleware. A resource management error vulnerability exists in coolkeyfreeprivatedata in versions prior to OpenSC 0.20.0. The vulnerability arises from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked system or...
Arbitrary File Overwrite
coolkey is vulnerable to arbitrary file overwrite. A local attacker could perform a symlink attack and cause arbitrary files to be overwritten...