48 matches found
OpenSC 安全漏洞
OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.27.0 contained security vulnerabilities. These vulnerabilities stemmed from a stack and heap buffer overflow vulnerability in the dokeyvalue function located in src/pkcs15init/profile.c. Thi...
Astra Linux - уязвимость в opensc
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...
Advisory ROSA-SA-2026-3196
Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...
Advisory ROSA-SA-2026-3158
Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...
MiracleLinux 8 : opensc-0.20.0-7.el8_9 (AXSA:2024-7353:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7353:02 advisory. OpenSC: Potential PIN bypass when card tracks its own login state CVE-2023-40660 OpenSC: multiple memory issues with pkcs15-init enrollment tool...
EUVD-2024-41541
Malicious code in bioql PyPI...
EUVD-2024-41539
Malicious code in bioql PyPI...
Advisory ROSA-SA-2025-3012
software: opensc 0.26.1 OS: ROSA-CHROME unaffected versions = opensc-0.26.1-1 affected versions opensc-0.26.1-1 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc library of the OpenSC smart ca...
Advisory ROSA-SA-2025-3013
software: openscap 1.4.2 OS: ROSA-CHROME unaffected versions = openscap-1.4.2-2 affected versions openscap-1.4.2-2 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc library of the OpenSC smart...
AZL-49081 CVE-2024-8443 affecting package opensc 0.23.0-5
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...
CVE-2024-8443
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...
CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...
CVE-2024-8443
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...
CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...
SUSE CVE-2024-45620
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...
CVE-2024-45618
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...
CVE-2024-45618
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...
AZL-48801 CVE-2024-45618 affecting package opensc 0.23.0-5
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...
AZL-48711 CVE-2024-45620 affecting package opensc for versions less than 0.26.1-1
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...
CVE-2024-45620
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...