Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 4: opensc (TSSA-2024:0030)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0030 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS6.4AI score0.01144EPSS
Exploits0References5
Rosalinux
Rosalinux
added 2025/01/27 10:38 a.m.17 views

Advisory ROSA-SA-2025-2580

software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-2 CVE-ID: CVE-2023-40660 BDU-ID: 2024-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSC smart card software toolkit and libraries is related to the fact that token/card authentication by one process can perform...

6.6CVSS7.4AI score0.01174EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.26 views

CBL Mariner 2.0 Security Update: opensc (CVE-2023-4535)

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4535 advisory. - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling...

4.5CVSS5.5AI score0.00466EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/05/17 9:38 p.m.13 views

CVE-2023-4535 affecting package opensc for versions less than 0.25.1-3

CVE-2023-4535 affecting package opensc for versions less than 0.25.1-3. An upgraded version of the package is available that resolves this issue...

4.5CVSS6.9AI score0.00466EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.24 views

AlmaLinux 9 : opensc (ALSA-2023:7879)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7879 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic...

6.6CVSS5.9AI score0.01174EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.39 views

Fedora 39 : opensc (2023-a854153d7a)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a854153d7a advisory. New upstream release 2240701 with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661 Tenable has extracted the preceding description...

6.6CVSS6.1AI score0.01174EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/12/19 9:53 a.m.46 views

Moderate: Red Hat Security Advisory: opensc security update

An update for opensc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.6CVSS6.5AI score0.01174EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2023/12/19 12:0 a.m.40 views

opensc security update

0.23.0-3 - Fix file caching with different offsets RHEL-4079 - Fix CVE-2023-40660: Potential PIN bypass - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init - Fix CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys - Fix CVE-2023-5992: Side-channel...

6.6CVSS6.9AI score0.01174EPSS
Exploits1
OSV
OSV
added 2023/12/19 12:0 a.m.24 views

ALSA-2023:7879 Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Potential PIN bypass when card tracks it...

6.6CVSS6AI score0.01174EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2023/12/19 12:0 a.m.36 views

Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Potential PIN bypass when card tracks it...

6.6CVSS7AI score0.01174EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.25 views

RHEL 9 : opensc (RHSA-2023:7879)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7879 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic...

6.6CVSS6.3AI score0.01174EPSS
Exploits0References9
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.16 views

CVE-2023-4535 affecting package opensc for versions less than 0.23.0-2

CVE-2023-4535 affecting package opensc for versions less than 0.23.0-2. A patched version of the package is available...

4.5CVSS5AI score0.00466EPSS
Exploits0
Cvelist
Cvelist
added 2023/11/06 4:57 p.m.24 views

CVE-2023-4535 Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

4.5CVSS5.4AI score0.00466EPSS
Exploits0References7
CVE
CVE
added 2023/11/06 4:57 p.m.167 views

CVE-2023-4535

CVE-2023-4535 affects OpenSC, specifically the MyEID driver’s handling of symmetric key encryption. The vulnerability is an out-of-bounds read in the OpenSC MyEID driver, which can be exploited by a physically proximate attacker using a crafted USB device or smart card to manipulate APDU response...

4.5CVSS4.9AI score0.00466EPSS
Exploits0References9Affected Software1
Amazon
Amazon
added 2023/11/03 12:0 a.m.4 views

Medium: opensc

Issue Overview: Potential PIN bypass. When the token/card was plugged into the computer and authenticated from one process, it could be used to provide cryptographic operations from different process when the empty, zero-length PIN and the token can track the login status using some of its...

6.6CVSS6.3AI score0.01174EPSS
Exploits0
Rows per page
Query Builder