Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-41434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

3.3CVSS6.2AI score0.00105EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/16 12:49 a.m.13 views

CVE-2026-42014 Gnutls: gnutls: use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2026/06/01 4:45 p.m.11 views

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

5.1CVSS5.5AI score0.00296EPSS
Exploits0References9
OSV
OSV
added 2026/05/18 10:6 a.m.9 views

SUSE-SU-2026:21752-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass bsc1263706. - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short...

9.8CVSS5.8AI score0.01335EPSS
Exploits2References27
OSV
OSV
added 2026/05/07 9:56 a.m.7 views

OPENSUSE-SU-2026:20699-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References3
OSV
OSV
added 2026/05/07 9:52 a.m.4 views

SUSE-SU-2026:21575-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References4
CVE
CVE
added 2026/04/24 2:20 a.m.26 views

CVE-2026-33317

OP-TEE is affected by a vulnerability in PKCS#11 support: versions 3.13.0–4.10.0 contain missing checks in entry_get_attribute_value() (ta/pkcs11/src/object.c), enabling an out-of-bounds read from the PKCS#11 TA heap and potentially memory corruption when combined with an OOB read. This can allow...

8.7CVSS5.9AI score0.00183EPSS
Exploits2References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-40253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common libra...

6.8CVSS6.3AI score0.0016EPSS
Exploits1References4
OSV
OSV
added 2026/04/16 11:16 p.m.8 views

UBUNTU-CVE-2026-40253

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...

6.8CVSS6AI score0.0016EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/04/07 12:4 p.m.4 views

opencryptoki security update

An update is available for opencryptoki. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The opencryptoki packages contain version 2.11 of the PKCS11 API,...

6.8CVSS5.9AI score0.00162EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/03/27 12:8 p.m.9 views

opencryptoki security update

An update is available for opencryptoki. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The opencryptoki packages contain version 2.11 of the PKCS11 API,...

6.8CVSS5.9AI score0.00162EPSS
Exploits0
Fedora
Fedora
added 2026/03/27 1:18 a.m.4 views

[SECURITY] Fedora 43 Update: rust-cryptoki-sys-0.5.0-2.fc43

FFI wrapper around the PKCS 11 API...

9.8CVSS5.8AI score0.00704EPSS
Exploits0
Fedora
Fedora
added 2026/03/27 1:18 a.m.4 views

[SECURITY] Fedora 43 Update: rust-cryptoki-0.12.0-2.fc43

Rust-native wrapper around the PKCS 11 API...

9.8CVSS5.8AI score0.00704EPSS
Exploits0
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2026-9d5b9f45ec)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.00704EPSS
Exploits0References5
OSV
OSV
added 2026/03/17 12:0 a.m.6 views

ALSA-2026:4717 Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

6.8CVSS5.8AI score0.00162EPSS
Exploits0References4
OSV
OSV
added 2026/02/16 1:53 p.m.6 views

USN-8043-1 gnutls28 vulnerabilities

Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, resulting in a denial of service. CVE-2025-14831...

5.3CVSS7.2AI score0.00638EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/24 12:0 a.m.6 views

openCryptoki-3.26.0-4.1 on GA media (moderate)

openCryptoki-3.26.0-4.1 on GA media Announcement ID: openSUSE-SU-2026:10086-1 Rating: moderate Cross-References: CVE-2026-23893 CVSS scores: CVE-2026-23893 SUSE : 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can no...

6.8CVSS5.5AI score0.00162EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-3798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when...

5.5CVSS6.1AI score0.00263EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/09/04 3:14 a.m.5 views

SUSE CVE-2024-45615

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...

3.9CVSS6.8AI score0.00355EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2024/09/03 10:15 p.m.3 views

CVE-2024-45617

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9CVSS6.4AI score0.00302EPSS
Exploits0References3
Rows per page
Query Builder