Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

113 matches found

OSV
OSVadded 2024/09/10 2:15 p.m.16 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS8AI score0.00194EPSS
Exploits0References3
Prion
Prionadded 2024/09/10 2:15 p.m.5 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS0.00194EPSS
Exploits0References2
OSV
OSVadded 2024/09/10 2:15 p.m.2 views

UBUNTU-CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS7.5AI score0.00194EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2024/09/10 1:16 p.m.23 views

CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS8.4AI score0.00194EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2024/09/10 1:16 p.m.12 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS6.7AI score0.00194EPSS
Exploits0
CVE
CVEadded 2024/09/10 1:16 p.m.91 views

CVE-2024-8443

CVE-2024-8443 is a heap-based buffer overflow in the libopensc OpenPGP driver. A crafted USB device or smart card that replies to APDUs during enrollment via pkcs15-init can trigger out-of-bounds access, potentially allowing arbitrary code execution. Public-affecting reports reference the OpenSC ...

2.9CVSS4.7AI score0.00194EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinuxadded 2024/09/10 1:16 p.m.15 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS4.5AI score0.00194EPSS
Exploits0
Cvelist
Cvelistadded 2024/09/10 1:16 p.m.19 views

CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/09/03 9:21 p.m.20 views

CVE-2024-45620 Libopensc: incorrect handling of the length of buffers or files in pkcs15init

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

3.9CVSS6.8AI score0.00088EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/09/03 9:21 p.m.20 views

CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

3.9CVSS4AI score0.00116EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/09/03 9:21 p.m.19 views

CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

3.9CVSS0.00116EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/09/03 9:20 p.m.21 views

CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9CVSS6.7AI score0.00145EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/09/03 9:20 p.m.16 views

CVE-2024-45616 Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

3.9CVSS0.00091EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/09/03 9:20 p.m.20 views

CVE-2024-45616 Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

3.9CVSS4.3AI score0.00091EPSS
Exploits0References2
Veracode
Veracodeadded 2023/06/08 11:5 a.m.23 views

Heap-based Buffer Overflow

libopensc.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to the cardoshaveverifyrcpackage function in pkcs15-cardos.c because it scans the ASN1 buffer for 2 tags, but the remaining length can be wrongly calculated due to a moved starting pointer, allowing an attacker...

7.1CVSS6.8AI score0.00027EPSS
Exploits0References10Affected Software2
SUSE CVE
SUSE CVEadded 2023/02/15 4:24 a.m.2 views

SUSE CVE-2018-16391

Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

4.6CVSS8AI score0.00131EPSS
Exploits1References9
SUSE CVE
SUSE CVEadded 2023/02/15 4:24 a.m.1 views

SUSE CVE-2018-16422

A single byte buffer overflow when handling responses from an esteid Card in scpkcs15emuesteidinit in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified othe...

4.6CVSS8.1AI score0.00177EPSS
Exploits1References9
SUSE CVE
SUSE CVEadded 2023/02/15 4:16 a.m.3 views

SUSE CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

4CVSS7.6AI score0.00199EPSS
Exploits1References7
SUSE CVE
SUSE CVEadded 2023/02/15 4:8 a.m.1 views

SUSE CVE-2019-15946

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c...

5.1CVSS7.7AI score0.00092EPSS
Exploits0References8
SUSE CVE
SUSE CVEadded 2023/02/15 4:8 a.m.2 views

SUSE CVE-2019-15945

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c...

5.1CVSS7.7AI score0.00113EPSS
Exploits0References8
Rows per page
Query Builder