Lucene search
K

53 matches found

NVD
NVD
added 2024/02/12 11:15 p.m.16 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.2AI score0.00422EPSS
Exploits0References8
Prion
Prion
added 2024/02/12 11:15 p.m.15 views

Design/Logic Flaw

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

2.6CVSS6.9AI score0.00422EPSS
Exploits0References4
OSV
OSV
added 2024/02/12 10:29 p.m.18 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.4AI score0.00422EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/02/12 10:29 p.m.31 views

CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.2AI score0.00422EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/12 10:29 p.m.25 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS3.5AI score0.00422EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/02/12 10:29 p.m.21 views

CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS4.3AI score0.00422EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/27 12:0 a.m.36 views

Debian dla-3668 : opensc - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3668 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3668-1 [email protected]...

6.6CVSS6.6AI score0.01174EPSS
Exploits0References6
NVD
NVD
added 2023/11/06 5:15 p.m.20 views

CVE-2023-40661

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

6.4CVSS6AI score0.01174EPSS
Exploits0References12
CVE
CVE
added 2023/11/06 4:58 p.m.434 views

CVE-2023-40661

Summary: CVE-2023-40661 affects the OpenSC project, specifically the enrollment tooling pkcs15-init. The issue consists of multiple memory-related vulnerabilities reported by dynamic analysis during the card enrollment process, where a locally present attacker with physical access could manipulat...

6.4CVSS6AI score0.01174EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2023/11/06 4:58 p.m.34 views

CVE-2023-40661 Opensc: multiple memory issues with pkcs15-init (enrollment tool)

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

5.4CVSS6.6AI score0.01174EPSS
Exploits0References7
OSV
OSV
added 2023/11/06 4:58 p.m.28 views

CVE-2023-40661 Opensc: multiple memory issues with pkcs15-init (enrollment tool)

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

5.4CVSS6.7AI score0.01174EPSS
Exploits0References16
Debian CVE
Debian CVE
added 2023/11/06 4:58 p.m.25 views

CVE-2023-40661

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

6.4CVSS6.4AI score0.01174EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/10/04 4:54 a.m.41 views

CVE-2023-40661

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

5.4CVSS6.5AI score0.01174EPSS
Exploits0References6
Rows per page
Query Builder