Lucene search
+L

281 matches found

Amazon
Amazon
added 2026/07/08 12:0 a.m.8 views

Medium: opensc

Issue Overview: A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The...

5.1CVSS5.5AI score0.00296EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 5:41 a.m.4 views

MGASA-2026-0231 Updated opensc packages fix security vulnerabilities

These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...

7.8CVSS5.5AI score0.00296EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/24 5:41 a.m.10 views

Updated opensc packages fix security vulnerabilities

These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...

7.8CVSS5.2AI score0.00296EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/16 1:13 p.m.10 views

CVE-2026-10275

A flaw was found in OpenSC, specifically within the pkcs11-tool Key Generation Module. This vulnerability, located in the testkpgencertwrite function, is a buffer overflow that can be triggered remotely. A remote attacker could exploit this flaw, potentially leading to information disclosure, dat...

5.1CVSS5.7AI score0.00296EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2026:2115-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2115-1 advisory. This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names...

9.8CVSS5.7AI score0.01335EPSS
Exploits1References37
SUSE CVE
SUSE CVE
added 2026/06/02 1:44 a.m.32 views

SUSE CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

7CVSS5.5AI score0.00296EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-10275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key...

5.1CVSS5.4AI score0.00296EPSS
Exploits0References4
NVD
NVD
added 2026/06/01 5:16 p.m.19 views

CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

5.1CVSS0.00296EPSS
Exploits0References9
OSV
OSV
added 2026/06/01 5:16 p.m.7 views

DEBIAN-CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

2.3CVSS5.3AI score0.00296EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/01 4:45 p.m.10 views

CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

5.1CVSS5.5AI score0.00296EPSS
Exploits0
EUVD
EUVD
added 2026/06/01 4:45 p.m.14 views

EUVD-2026-33680

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

5.1CVSS5.5AI score0.00296EPSS
Exploits0References9
CVE
CVE
added 2026/06/01 4:45 p.m.35 views

CVE-2026-10275

OpenSC up to 0.26.1 contains a vulnerability in the pkcs11-tool component, specifically in the function test_kpgen_certwrite of src/tools/pkcs11-tool.c, which leads to a buffer overflow. This issue can be exploited remotely; CVSS-like context indicates network access with high attack complexity a...

5.1CVSS5.5AI score0.00296EPSS
Exploits0References9
OSV
OSV
added 2026/06/01 4:45 p.m.1 views

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

2.3CVSS5.4AI score0.00296EPSS
Exploits0References11
SUSE Linux
SUSE Linux
added 2026/05/27 7:58 a.m.10 views

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. CVE-2026-33845: buffers: switch from endoffset over to fraglength...

8.8CVSS5.8AI score0.01335EPSS
Exploits1References44
OSV
OSV
added 2026/05/27 7:57 a.m.7 views

SUSE-SU-2026:2087-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-33845: buffers: switch from endoffset over to...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References23
RedHat Linux
RedHat Linux
added 2026/05/26 7:4 a.m.18 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.8AI score0.0015EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.25 views

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2026-1757)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1757 advisory. GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References16
OSV
OSV
added 2026/05/22 9:56 a.m.7 views

SUSE-SU-2026:21867-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References25
OSV
OSV
added 2026/05/22 9:27 a.m.6 views

SUSE-SU-2026:21784-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References25
Rows per page
Query Builder