Lucene search
K

13 matches found

Rosalinux
Rosalinux
added 2026/02/16 12:24 p.m.9 views

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/02/16 7:27 a.m.6 views

Advisory ROSA-SA-2026-3158

Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/01/16 12:0 a.m.5 views

CVE-2025-24531

In OpenSC pampkcs11 before 0.6.13, pamsmauthenticate wrongly returns PAMIGNORE in many error situations such as an error triggered by a smartcard before login, allowing authentication bypass...

6.7CVSS6.7AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-19115

Malware in sbrugna...

5.5CVSS6.2AI score0.00398EPSS
Exploits0References12
Rosalinux
Rosalinux
added 2025/01/27 10:38 a.m.15 views

Advisory ROSA-SA-2025-2580

software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-2 CVE-ID: CVE-2023-40660 BDU-ID: 2024-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSC smart card software toolkit and libraries is related to the fact that token/card authentication by one process can perform...

6.6CVSS7.4AI score0.01174EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/13 12:0 a.m.6 views

The vulnerability of the pkcs15-init personalization utility and the libopensc library, which are part of the software tools and libraries for working with smart cards in OpenSC, allows a violator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pkcs15-init personalization utility and the libopensc library related to the OpenSC software suite involves the use of uninitialized variables. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

3.9CVSS6.5AI score0.00355EPSS
Exploits0References12Affected Software7
OSV
OSV
added 2024/09/16 2:11 a.m.18 views

RHSA-2019:2154 Red Hat Security Advisory: opensc security, bug fix, and enhancement update

Bulletin has no description...

4.3CVSS6AI score0.00692EPSS
Exploits10References51
OSV
OSV
added 2024/05/24 10:8 a.m.10 views

SUSE-SU-2024:1773-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS1 padding bsc1219386...

5.9CVSS6.7AI score0.01156EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/12/19 9:53 a.m.5 views

OpenSC: multiple memory issues with pkcs15-init (enrollment tool)

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

6.4CVSS5.8AI score0.01174EPSS
Exploits0References7
OSV
OSV
added 2020/10/06 2:15 a.m.28 views

CVE-2020-26570

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile...

5.5CVSS7.1AI score
Exploits0References5
OSV
OSV
added 2019/12/22 12:0 a.m.33 views

DLA-2046-1 opensc - security update

Bulletin has no description...

5.5CVSS5.9AI score0.00424EPSS
Exploits0
Veracode
Veracode
added 2019/08/08 12:7 a.m.17 views

Buffer Overflows

opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c...

6.8CVSS2.9AI score0.00645EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2009/05/11 4:30 p.m.6 views

CVE-2009-1603

src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted...

7.5CVSS6.5AI score
Exploits0References14
Rows per page
Query Builder