CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45619 advisory. - A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use...

4.3CVSS6.3AI score0.00088EPSS

Exploits0References2

Rockylinux•added 2025/05/07 7:13 p.m.•3 views

opensc security update

An update is available for opensc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSC set of libraries and utilities provides support for working with...

5.9CVSS5.7AI score0.00257EPSS

Exploits1

Rockylinux•added 2025/05/07 7:11 p.m.•5 views

opensc security update

An update is available for opensc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSC set of libraries and utilities provides support for working with...

5.9CVSS5.7AI score0.00257EPSS

Exploits1

Tenable Nessus•added 2025/05/07 12:0 a.m.•1 views

RockyLinux 9 : opensc (RLSA-2024:0966)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0966 advisory. OpenSC: Side-channel leaks while stripping encryption PKCS1 padding CVE-2023-5992 Tenable has extracted the preceding description block directly from the RockyLin...

5.9CVSS6.6AI score0.00257EPSS

Exploits1References3

OSV•added 2025/03/13 6:25 p.m.•14 views

MGASA-2025-0096 Updated opensc packages fix security vulnerabilities

Heap buffer overflow in openpgp driver when generating key. CVE-2024-8443 Usage of uninitialized values in libopensc and pkcs15init. CVE-2024-45615 Uninitialized values after incorrect check or usage of apdu response values in libopensc. CVE-2024-45616 Uninitialized values after incorrect or...

4.3CVSS7.2AI score0.00194EPSS

Exploits0References3

Tenable Nessus•added 2025/03/05 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2024-45618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially...

3.9CVSS5.9AI score0.00116EPSS

Exploits0References2

Debian•added 2024/12/28 1:30 p.m.•19 views

[SECURITY] [DLA 4004-1] opensc security update

Debian LTS Advisory DLA-4004-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 28, 2024 https://wiki.debian.org/LTS Package : opensc Version : 0.21.0-1+deb11u1 CVE ID : CVE-2021-34193 CVE-2021-42778 CVE-2021-42779 CVE-2021-42780 CVE-2021-42781 CVE-2021-427...

7.5CVSS6.5AI score0.00651EPSS

Exploits1

OSV•added 2024/12/28 12:0 a.m.•20 views

DLA-4004-1 opensc - security update

Bulletin has no description...

7.5CVSS5.7AI score0.00651EPSS

Exploits1

OSV•added 2024/06/15 12:0 a.m.•13 views

OPENSUSE-SU-2024:13765-1 opensc-0.25.0-1.1 on GA media

These are all security issues fixed in the opensc-0.25.0-1.1 package on the GA media of openSUSE Tumbleweed...

5.9CVSS6.3AI score0.00257EPSS

Exploits1References1

OSV•added 2024/03/31 3:27 a.m.•7 views

MGASA-2024-0101 Updated opensc packages fix security vulnerability

Side-channel leaks while stripping encryption PKCS1.5 padding in OpenSC. CVE-2023-5992...

5.9CVSS6.6AI score0.00257EPSS

Exploits1References4

Amazon•added 2024/02/19 12:0 a.m.•5 views

Low: opensc

Issue Overview: A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 Affected Packages: opensc Issue Correction: Run dnf update opensc --releasever 2023.3.20240219 to update your system. New Packages: aarch64: ...

5.3CVSS6.9AI score0.00084EPSS

Exploits0

Amazon•added 2023/11/03 12:0 a.m.•2 views

Medium: opensc

Issue Overview: Potential PIN bypass. When the token/card was plugged into the computer and authenticated from one process, it could be used to provide cryptographic operations from different process when the empty, zero-length PIN and the token can track the login status using some of its...

6.6CVSS6.3AI score0.00295EPSS

Exploits0

OSV•added 2023/10/17 3:36 p.m.•5 views

SUSE-SU-2023:4104-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2023-40660: Fixed a PIN bypass that could be triggered when cards tracked their own login state bsc1215762. - CVE-2023-40661: Fixed several memory safety issues that could happen during the card enrollment process using pkcs15-init bsc12157...

6.6CVSS6.7AI score0.00295EPSS

Exploits0References5

OSV•added 2023/06/21 12:0 a.m.•27 views

DLA-3463-1 opensc - security update

Bulletin has no description...

7.5CVSS5.9AI score0.00199EPSS

Exploits1

OSV•added 2023/06/15 5:8 a.m.•4 views

SUSE-SU-2023:2516-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2023-2977: Fixed out of bounds read in pkcs15 cardoshaveverifyrcpackage bsc1211894...

7.1CVSS6.9AI score0.00027EPSS

Exploits0References3