1448 matches found
CVE-2026-40510 OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...
CVE-2026-40510
CVE-2026-40510 affects OpenSC before 0.27.0-rc1. A stack buffer overflow in piv_process_history() (src/libopensc/card-piv.c) can memory-corrupt if a physically present attacker uses a crafted PIV card/USB device that returns a URL field longer than 118 bytes in the Key History Object ASN.1 respon...
CVE-2026-40510
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...
CVE-2026-40510
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...
PT-2026-44840
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv process history in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field...
OpenSC 安全漏洞
OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.27.0-rc1 contained security vulnerabilities. These vulnerabilities stemmed from a stack buffer overflow vulnerability in the pivprocesshistory function found in src/libopensc/card-piv.c. Thi...
OpenSC 安全漏洞
OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.27.0 contained security vulnerabilities. These vulnerabilities stemmed from a stack and heap buffer overflow vulnerability in the dokeyvalue function located in src/pkcs15init/profile.c. Thi...
PT-2026-44841
Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.27.0 Description A stack and heap buffer overrun occurs in the do key value function within src/pkcs15init/profile.c. This issue allows memory corruption when a crafted profile configuration file is supplied. During...
Astra Linux – Vulnerability in opensc
OpenSC before version 0.20.0 has a double-free issue in coolkeyfreeprivatedata, because the coolkeyaddobject function in libopensc/card-coolkey.c lacks a uniqueness check...
Astra Linux – Vulnerability in opensc
A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. The issue arises from the lack of initialization of variables that should be initialized as arguments to other functions, etc...
Astra Linux – Vulnerability in opensc
Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...
Astra Linux – Vulnerability in opensc
A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. An attacker could use a specially crafted USB device or smart card, causing the system to send specially crafted APDUs. Insufficient or missing checks on the return values of functions lead to...
CLSA-2026-1779101894 opensc: Fix of CVE-2023-40661
CVE-2023-40661: fix multiple smartcard pkcs15init buffer overflows, underflows and out-of-bounds writes scpkcs15initrmdir, setcoscreatekey, cosmnewfile, cosmcreatekey, scpkcs15getlastupdate, iasecc-sdo, entersafe, epass2003 keygen...
Unity Linux 20.1070e Security Update: opensc (UTSA-2026-017712)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017712 advisory. The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile. Tenable has extracted the preceding...
CVE-2025-13763 affecting package opensc for versions less than 0.27.1-1
CVE-2025-13763 affecting package opensc for versions less than 0.27.1-1. A patched version of the package is available...
CVE-2025-66037 affecting package opensc for versions less than 0.27.1-1
CVE-2025-66037 affecting package opensc for versions less than 0.27.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-66215 affecting package opensc for versions less than 0.27.1-1
CVE-2025-66215 affecting package opensc for versions less than 0.27.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-40510 affecting package opensc for versions less than 0.27.0-rc1
CVE-2026-40510 affecting package opensc for versions less than 0.27.0-rc1. A patched version of the package is available...
CVE-2026-40528 affecting package opensc for versions less than 0.27.0-1
CVE-2026-40528 affecting package opensc for versions less than 0.27.0-1. A patched version of the package is available...
Fedora 44 : opensc (2026-8c5856afbb)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8c5856afbb advisory. New upstream release 2442363 fixing various security issues. Tenable has extracted the preceding description block directly from the Fedora security...