Lucene search
+L

127 matches found

CVE
CVE
added 2022/04/18 12:0 a.m.110 views

CVE-2021-42781

Opensc is affected by CVE-2021-42781 due to heap buffer overflow in pkcs15-oberthur.c up to version 0.22.0. Exploitation could crash applications using the library. Public advisories (Debian, Gentoo, Mageia, Amazon Linux 2 ALAS) indicate the fix is in OpenSC 0.22.0 or later; upgrades to newer ope...

5.3CVSS5.8AI score0.02805EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2022/04/18 12:0 a.m.25 views

CVE-2021-42781

Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library...

5.3CVSS6.7AI score0.02805EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/10/29 12:0 a.m.3 views

PT-2022-11688 · Opensc +2 · Opensc +2

Name of the Vulnerable Software and Affected Versions: Opensc versions prior to 0.22.0 Description: Heap buffer overflow issues were found in the pkcs15-oberthur.c file that could potentially crash programs using the library. Recommendations: For versions prior to 0.22.0, update to version 0.22.0...

7.5CVSS6.1AI score0.02805EPSS
Exploits3References108
RedhatCVE
RedhatCVE
added 2021/10/21 3:34 p.m.45 views

CVE-2021-42781

Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library...

5.3CVSS3.7AI score0.02805EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/12/12 5:8 p.m.28 views

CVE-2019-19480

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...

4.6CVSS1.4AI score0.00573EPSS
Exploits1References3
Veracode
Veracode
added 2019/12/04 8:22 a.m.25 views

Denial Of Service (DoS)

libopenSC is susceptible to denial of service DoS attack. The vulnerability exists because libopensc/pkcs15-prkey.c freed memory incorrectly after the failure in the function scpkcs15decodeprkdfentry, leading to mishandling of the buffer limits for CAC certificates and an application crash...

4.6CVSS2.3AI score0.00573EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2019/12/01 11:15 p.m.28 views

Authorization

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...

2.1CVSS5AI score0.00573EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2019/12/01 11:15 p.m.29 views

CVE-2019-19480

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...

4.6CVSS6.7AI score0.00573EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2019/12/01 10:37 p.m.52 views

CVE-2019-19480

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...

4.6CVSS6AI score0.00573EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2019/12/01 10:37 p.m.57 views

CVE-2019-19480

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...

4.6CVSS5.5AI score0.00573EPSS
Exploits1
Veracode
Veracode
added 2019/08/08 12:7 a.m.28 views

Denial Of Service (DoS)

opensc is vulnerable to denial of service DoS. The attack is possible because it cause a buffer overflow while handling responses from esteid cards in pkcs15-esteid.c:scpkcs15emuesteidinit...

6.6CVSS2.9AI score0.00692EPSS
Exploits1References9Affected Software1
Veracode
Veracode
added 2019/08/08 12:7 a.m.17 views

Buffer Overflows

opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c...

6.8CVSS2.9AI score0.00645EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2018/09/03 2:0 p.m.108 views

CVE-2018-16393

OpenSC (opensc) is affected by CVE-2018-16393 due to buffer overflows in gemsafe_get_cert_len() inside libopensc/pkcs15-gemsafeV1.c. The vulnerability exists in OpenSC before 0.19.0-rc1 and can be triggered by processing crafted Gemsafe V1 Smartcards, potentially causing an application crash (DoS...

6.8CVSS6.8AI score0.00645EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.20 views

SuSE 10 Security Update : opensc (ZYPP Patch Number 5910)

This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...

4.9CVSS7.2AI score0.00393EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.19 views

openSUSE Security Update : libopensc2 (libopensc2-186)

This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization CVE-2008-2235. NOTE: Already initialized cards are still vulnerable after this update...

4.9CVSS7.2AI score0.00393EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.27 views

Mandriva Linux Security Advisory : opensc (MDVSA-2008:183)

Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK CVE-2008-2235. Please note that this...

4.9CVSS6.9AI score0.00393EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.14 views

Mandriva Update for opensc MDVSA-2008:183 (opensc)

Check for the Version of opensc OpenVAS Vulnerability Test Mandriva Update for opensc MDVSA-2008:183 opensc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

4.9CVSS0.3AI score0.00393EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/12/23 12:0 a.m.22 views

Gentoo Security Advisory GLSA 200812-09 (opensc)

The remote host is missing updates announced in advisory GLSA 200812-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS7.6AI score0.00393EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/09/23 12:0 a.m.23 views

SuSE 10 Security Update : opensc, opensc-devel (ZYPP Patch Number 5588)

This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...

4.9CVSS7.2AI score0.00393EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2008/09/17 12:0 a.m.26 views

Debian Security Advisory DSA 1627-2 (opensc)

The remote host is missing an update to opensc announced via advisory DSA 1627-2. OpenVAS Vulnerability Test $Id: deb16272.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1627-2 opensc Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

4.9CVSS0.5AI score0.00393EPSS
Exploits1
Rows per page
Query Builder