Lucene search
K

1448 matches found

Cvelist
Cvelist
added 2026/05/29 1:26 p.m.40 views

CVE-2026-40510 OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

3.8CVSS0.00216EPSS
Exploits0References3
CVE
CVE
added 2026/05/29 1:26 p.m.29 views

CVE-2026-40510

CVE-2026-40510 affects OpenSC before 0.27.0-rc1. A stack buffer overflow in piv_process_history() (src/libopensc/card-piv.c) can memory-corrupt if a physically present attacker uses a crafted PIV card/USB device that returns a URL field longer than 118 bytes in the Key History Object ASN.1 respon...

6.8CVSS6AI score0.00216EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/29 1:26 p.m.9 views

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

6.8CVSS6AI score0.00216EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:26 p.m.7 views

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

3.8CVSS6AI score0.00216EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.9 views

PT-2026-44840

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv process history in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field...

3.8CVSS6AI score0.00216EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

OpenSC 安全漏洞

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.27.0-rc1 contained security vulnerabilities. These vulnerabilities stemmed from a stack buffer overflow vulnerability in the pivprocesshistory function found in src/libopensc/card-piv.c. Thi...

3.8CVSS5.9AI score0.00216EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

OpenSC 安全漏洞

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.27.0 contained security vulnerabilities. These vulnerabilities stemmed from a stack and heap buffer overflow vulnerability in the dokeyvalue function located in src/pkcs15init/profile.c. Thi...

3.8CVSS6AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44841

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.27.0 Description A stack and heap buffer overrun occurs in the do key value function within src/pkcs15init/profile.c. This issue allows memory corruption when a crafted profile configuration file is supplied. During...

7.8CVSS5.5AI score0.00146EPSS
Exploits0References25
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in opensc

OpenSC before version 0.20.0 has a double-free issue in coolkeyfreeprivatedata, because the coolkeyaddobject function in libopensc/card-coolkey.c lacks a uniqueness check...

6.8CVSS6.4AI score0.007EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. The issue arises from the lack of initialization of variables that should be initialized as arguments to other functions, etc...

3.9CVSS6.4AI score0.00355EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in opensc

Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...

5.3CVSS6.4AI score0.02675EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. An attacker could use a specially crafted USB device or smart card, causing the system to send specially crafted APDUs. Insufficient or missing checks on the return values of functions lead to...

3.9CVSS6.5AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 12:29 a.m.8 views

CLSA-2026-1779101894 opensc: Fix of CVE-2023-40661

CVE-2023-40661: fix multiple smartcard pkcs15init buffer overflows, underflows and out-of-bounds writes scpkcs15initrmdir, setcoscreatekey, cosmnewfile, cosmcreatekey, scpkcs15getlastupdate, iasecc-sdo, entersafe, epass2003 keygen...

6.4CVSS6.7AI score0.01174EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: opensc (UTSA-2026-017712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017712 advisory. The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile. Tenable has extracted the preceding...

5.5CVSS6AI score0.00398EPSS
Exploits0References4
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.9 views

CVE-2025-13763 affecting package opensc for versions less than 0.27.1-1

CVE-2025-13763 affecting package opensc for versions less than 0.27.1-1. A patched version of the package is available...

5.7CVSS5.8AI score0.00176EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.9 views

CVE-2025-66037 affecting package opensc for versions less than 0.27.1-1

CVE-2025-66037 affecting package opensc for versions less than 0.27.1-1. An upgraded version of the package is available that resolves this issue...

6.8CVSS5.8AI score0.00253EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.10 views

CVE-2025-66215 affecting package opensc for versions less than 0.27.1-1

CVE-2025-66215 affecting package opensc for versions less than 0.27.1-1. An upgraded version of the package is available that resolves this issue...

6.8CVSS5.8AI score0.00159EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.10 views

CVE-2026-40510 affecting package opensc for versions less than 0.27.0-rc1

CVE-2026-40510 affecting package opensc for versions less than 0.27.0-rc1. A patched version of the package is available...

6.8CVSS5.4AI score0.00216EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.8 views

CVE-2026-40528 affecting package opensc for versions less than 0.27.0-1

CVE-2026-40528 affecting package opensc for versions less than 0.27.0-1. A patched version of the package is available...

7.8CVSS5.4AI score0.00146EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.3 views

Fedora 44 : opensc (2026-8c5856afbb)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8c5856afbb advisory. New upstream release 2442363 fixing various security issues. Tenable has extracted the preceding description block directly from the Fedora security...

6.8CVSS5.5AI score0.00282EPSS
Exploits2References5
Rows per page
Query Builder