Lucene search
K

6 matches found

OSV
OSV
added 2026/03/30 6:16 p.m.3 views

DEBIAN-CVE-2025-49010

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

6.8CVSS5.1AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2026/03/30 6:16 p.m.6 views

CVE-2025-49010

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

6.8CVSS0.0013EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/30 4:59 p.m.5 views

EUVD-2025-209124

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

3.8CVSS5.8AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in opensc

The “use-after-free” vulnerability was identified in the AuthentIC driver within the OpenSC package. It occurs during the card enrollment process, specifically when using the pkcs15-init function. An attacker must have physical access to the computer system and must use a specially crafted USB...

3.4CVSS6.4AI score0.00422EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2026-29083

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.27.0 Description OpenSC is an open source smart card tools and middleware. An attacker with physical access to a computer while a user or administrator is utilizing a token can trigger a stack-based buffer overflow i...

6.8CVSS6.2AI score0.00159EPSS
Exploits0References44
SUSE CVE
SUSE CVE
added 2024/09/04 3:13 a.m.3 views

SUSE CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

3.9CVSS6.9AI score0.00293EPSS
Exploits0References10
Rows per page
Query Builder