13 matches found
Advisory ROSA-SA-2026-3196
Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...
Advisory ROSA-SA-2026-3158
Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...
CVE-2025-24531
In OpenSC pampkcs11 before 0.6.13, pamsmauthenticate wrongly returns PAMIGNORE in many error situations such as an error triggered by a smartcard before login, allowing authentication bypass...
EUVD-2020-19115
Malware in sbrugna...
Advisory ROSA-SA-2025-2580
software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-2 CVE-ID: CVE-2023-40660 BDU-ID: 2024-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSC smart card software toolkit and libraries is related to the fact that token/card authentication by one process can perform...
The vulnerability of the pkcs15-init personalization utility and the libopensc library, which are part of the software tools and libraries for working with smart cards in OpenSC, allows a violator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the pkcs15-init personalization utility and the libopensc library related to the OpenSC software suite involves the use of uninitialized variables. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
RHSA-2019:2154 Red Hat Security Advisory: opensc security, bug fix, and enhancement update
Bulletin has no description...
SUSE-SU-2024:1773-1 Security update for opensc
This update for opensc fixes the following issues: - CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS1 padding bsc1219386...
OpenSC: multiple memory issues with pkcs15-init (enrollment tool)
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...
CVE-2020-26570
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile...
DLA-2046-1 opensc - security update
Bulletin has no description...
Buffer Overflows
opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c...
CVE-2009-1603
src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted...