Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/04/23 12:27 p.m.28 views

CVE-2025-13763 Libopensc: opensc: multiple uses of uninitialized variable

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

5.7CVSS0.00176EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/31 11:29 p.m.6 views

SUSE CVE-2025-49010

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

3.8CVSS5.8AI score0.0013EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/03/30 4:59 p.m.22 views

CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

3.8CVSS0.0013EPSS
Exploits0References2
CVE
CVE
added 2026/03/30 4:59 p.m.16 views

CVE-2025-49010

OpenSC before version 0.27.0 is vulnerable to a stack-buffer-overflow write in GET RESPONSE when a crafted USB device or smart card presents specially crafted APDU responses. The attack requires physical access and user/administrator interaction with the token. A fix exists in OpenSC 0.27.0 and l...

6.8CVSS5.8AI score0.0013EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/12 11:15 p.m.1 views

UBUNTU-CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.9AI score0.00422EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2023/08/29 7:0 a.m.4 views

Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.

...

7.5CVSS6.1AI score0.01144EPSS
Exploits0
Rows per page
Query Builder