EUVD-2024-41536

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-24032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if certpolicy is set to none the default value...

ROS-20241211-01

The vulnerability of the OpenSC smart card software toolkit and libraries is related to the fact that, that in pkcs15init buffers are partially filled with data, and initialized portions of the buffer can be accessed by bypassing the restrictions. Exploitation of the vulnerability could allow an...

CVE-2024-45619

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

CVE-2024-45615

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...

CVE-2024-45616

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

CVE-2024-45616

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

CVE-2024-45615

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...

CVE-2024-45619

CVE-2024-45619 affects OpenSC and the related PKCS#11 components (OpenSC, opensc tools, minidriver, CTK). The issue is caused by incorrect handling of the length of buffers or files, where buffers partially filled with data can expose uninitialized parts, potentially enabling crashes or informati...

CVE-2024-45619

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

CVE-2024-45616

CVE-2024-45616 affects OpenSC and related components (OpenSC tools, PKCS#11 module, minidriver, CTK). The root cause is insufficient control of the response APDU buffer and its length when communicating with a smart card or USB device, which can lead to information leakage or instability. The vul...

CVE-2024-45616

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

CVE-2024-45615 Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...

CVE-2024-45615

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...

PT-2024-9401 · Opensc +5 · Opensc +5

Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a special...

Fedora 29 : nss (2019-e2f5e10754)

Updates the nss package to upstream NSS 3.44. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS3.44 releasenotes ---- This fixes a PKCS11 module leak if CGetSlotInfo...

Scientific Linux Security Update : openssh on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: openssh 7.4p1. Security Fixes : - A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user...

Oracle Linux 4 : thunderbird (ELSA-2010-0154)

From Red Hat Security Advisory 2010:0154 : An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

USN-927-2: NSS regression

USN-927-1 fixed vulnerabilities in NSS. Upstream NSS 3.12.6 added an additional checksum verification on libnssdbm3.so, but the Ubuntu packaging did not create this checksum. As a result, Firefox could not initialize the security component when the NSS Internal FIPS PKCS 11 Module was enabled. Th...

CentOS Update for thunderbird CESA-2010:0154 centos4 i386

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2010:0154 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...