27 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-41434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
CVE-2026-42014 Gnutls: gnutls: use-after-free in gnutls_pkcs11_token_set_pin
A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...
CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow
A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...
SUSE-SU-2026:21752-1 Security update for gnutls
This update for gnutls fixes the following issues - CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass bsc1263706. - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short...
OPENSUSE-SU-2026:20699-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...
SUSE-SU-2026:21575-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...
CVE-2026-33317
OP-TEE is affected by a vulnerability in PKCS#11 support: versions 3.13.0–4.10.0 contain missing checks in entry_get_attribute_value() (ta/pkcs11/src/object.c), enabling an out-of-bounds read from the PKCS#11 TA heap and potentially memory corruption when combined with an OOB read. This can allow...
Linux Distros Unpatched Vulnerability : CVE-2026-40253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common libra...
UBUNTU-CVE-2026-40253
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...
opencryptoki security update
An update is available for opencryptoki. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The opencryptoki packages contain version 2.11 of the PKCS11 API,...
opencryptoki security update
An update is available for opencryptoki. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The opencryptoki packages contain version 2.11 of the PKCS11 API,...
[SECURITY] Fedora 43 Update: rust-cryptoki-sys-0.5.0-2.fc43
FFI wrapper around the PKCS 11 API...
[SECURITY] Fedora 43 Update: rust-cryptoki-0.12.0-2.fc43
Rust-native wrapper around the PKCS 11 API...
Fedora: Security Advisory (FEDORA-2026-9d5b9f45ec)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALSA-2026:4717 Moderate: opencryptoki security update
The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...
USN-8043-1 gnutls28 vulnerabilities
Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, resulting in a denial of service. CVE-2025-14831...
openCryptoki-3.26.0-4.1 on GA media (moderate)
openCryptoki-3.26.0-4.1 on GA media Announcement ID: openSUSE-SU-2026:10086-1 Rating: moderate Cross-References: CVE-2026-23893 CVSS scores: CVE-2026-23893 SUSE : 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can no...
Linux Distros Unpatched Vulnerability : CVE-2021-3798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when...
SUSE CVE-2024-45615
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...
CVE-2024-45617
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...