CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

113 matches found

SUSE CVE•added 2023/02/15 4:6 a.m.•1 views

SUSE CVE-2019-19479

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute...

4.3CVSS7.6AI score0.00095EPSS

Exploits0References8

OpenVAS•added 2022/01/28 12:0 a.m.•20 views

Mageia: Security Advisory (MGASA-2021-0512)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.7AI score0.00119EPSS

Exploits0References4

Veracode•added 2020/11/05 3:10 a.m.•28 views

Double Free

opensc is vulnerable to double free. The vulnerability exists due to lack of uniqueness check in coolkeyfreeprivatedata because coolkeyaddobject in libopensc/card-coolkey.c...

6.8CVSS1.5AI score0.00165EPSS

Exploits1References6Affected Software1

RedHat Linux•added 2020/11/04 2:10 a.m.•1 views

opensc: Improper handling of buffer limits for CAC certificates

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...

4.6CVSS5.9AI score0.00123EPSS

Exploits0References4

Tenable Nessus•added 2020/09/28 12:0 a.m.•46 views

EulerOS 2.0 SP3 : opensc (EulerOS-SA-2020-2066)

According to the versions of the opensc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c.CVE-2019-15945 - OpenSC before...

6.4CVSS6.3AI score0.00113EPSS

Exploits0References3

CVE•added 2020/04/29 3:53 a.m.•261 views

CVE-2019-20792

OpenSC = 0.20.0 (or apply vendor-specific patches as listed in advisories). If exploiting details are not provided in the documents, no exploitation specifics are described here.

6.8CVSS6.4AI score0.00165EPSS

Exploits1References3Affected Software1

Tenable Nessus•added 2019/12/27 12:0 a.m.•52 views

Debian DLA-2046-1 : opensc security update

An issue was discovered in libopensc/card-setcos.c in OpenSC, which has an incorrect read operation during parsing of a SETCOS file attribute. For Debian 8 'Jessie', this problem has been fixed in version 0.16.0-3+deb8u2. We recommend that you upgrade your opensc packages. NOTE: Tenable Network...

5.5CVSS6.2AI score0.00095EPSS

Exploits0References3

OpenVAS•added 2019/12/26 12:0 a.m.•36 views

Debian: Security Advisory (DLA-2046-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00095EPSS

Exploits0References3

Veracode•added 2019/12/04 8:22 a.m.•23 views

Denial Of Service (DoS)

libopenSC is susceptible to denial of service DoS attack. The vulnerability exists because libopensc/pkcs15-prkey.c freed memory incorrectly after the failure in the function scpkcs15decodeprkdfentry, leading to mishandling of the buffer limits for CAC certificates and an application crash...

4.6CVSS2.3AI score0.0019EPSS

Exploits1References7Affected Software1

Veracode•added 2019/12/04 6:9 a.m.•30 views

Denial Of Service (DoS)

libopenSC is vulnerable to denial of service DoS. The vulnerability exists as libopensc/card-cac1.c does not properly handle the buffer limits for CAC certificates, causing an application crash...

4.6CVSS1.7AI score0.00123EPSS

Exploits0References5Affected Software2

NVD•added 2019/12/01 11:15 p.m.•12 views

CVE-2019-19479

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute...

5.5CVSS5.8AI score0.00095EPSS

Exploits0References6

NVD•added 2019/12/01 11:15 p.m.•16 views

CVE-2019-19481

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...

4.6CVSS5.3AI score0.00123EPSS

Exploits0References4

UbuntuCve•added 2019/12/01 11:15 p.m.•37 views

CVE-2019-19479

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute...

5.5CVSS6.8AI score0.00095EPSS

Exploits0References3

CVE•added 2019/12/01 10:37 p.m.•284 views

CVE-2019-19479

OpenSC has a historical vulnerability CVE-2019-19479: an incorrect read operation in libopensc/card-setcos.c during parsing of a SETCOS file attribute. This issue affects OpenSC up to 0.20.x (0.20.0-rc3) and was acknowledged across multiple advisories (including Debian LTS and AlmaLinux) with fix...

5.5CVSS5.6AI score0.00095EPSS

Exploits0References6Affected Software1

RedhatCVE•added 2019/10/24 3:21 p.m.•20 views

CVE-2019-15946

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c...

6.4CVSS2.5AI score0.00092EPSS

Exploits0References3

CNVD•added 2019/09/06 12:0 a.m.•1 views

OpenSC Out-of-Bounds Access Vulnerability

OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. An ASN.1 Octet string out-of-bounds access vulnerability exists in asn1decodeentry in libopensc/asn1.c in versions prior to OpenSC 0.20.0-rc1. No detailed vulnerability detail...

6.4CVSS6.8AI score0.00092EPSS

Exploits0References1

NVD•added 2019/09/05 5:15 p.m.•15 views

CVE-2019-15946

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c...

6.4CVSS6.3AI score0.00092EPSS

Exploits0References6