127 matches found
CVE-2021-42781
Opensc is affected by CVE-2021-42781 due to heap buffer overflow in pkcs15-oberthur.c up to version 0.22.0. Exploitation could crash applications using the library. Public advisories (Debian, Gentoo, Mageia, Amazon Linux 2 ALAS) indicate the fix is in OpenSC 0.22.0 or later; upgrades to newer ope...
CVE-2021-42781
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library...
PT-2022-11688 · Opensc +2 · Opensc +2
Name of the Vulnerable Software and Affected Versions: Opensc versions prior to 0.22.0 Description: Heap buffer overflow issues were found in the pkcs15-oberthur.c file that could potentially crash programs using the library. Recommendations: For versions prior to 0.22.0, update to version 0.22.0...
CVE-2021-42781
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library...
CVE-2019-19480
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...
Denial Of Service (DoS)
libopenSC is susceptible to denial of service DoS attack. The vulnerability exists because libopensc/pkcs15-prkey.c freed memory incorrectly after the failure in the function scpkcs15decodeprkdfentry, leading to mishandling of the buffer limits for CAC certificates and an application crash...
Authorization
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...
CVE-2019-19480
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...
CVE-2019-19480
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...
CVE-2019-19480
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...
Denial Of Service (DoS)
opensc is vulnerable to denial of service DoS. The attack is possible because it cause a buffer overflow while handling responses from esteid cards in pkcs15-esteid.c:scpkcs15emuesteidinit...
Buffer Overflows
opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c...
CVE-2018-16393
OpenSC (opensc) is affected by CVE-2018-16393 due to buffer overflows in gemsafe_get_cert_len() inside libopensc/pkcs15-gemsafeV1.c. The vulnerability exists in OpenSC before 0.19.0-rc1 and can be triggered by processing crafted Gemsafe V1 Smartcards, potentially causing an application crash (DoS...
SuSE 10 Security Update : opensc (ZYPP Patch Number 5910)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...
openSUSE Security Update : libopensc2 (libopensc2-186)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization CVE-2008-2235. NOTE: Already initialized cards are still vulnerable after this update...
Mandriva Linux Security Advisory : opensc (MDVSA-2008:183)
Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK CVE-2008-2235. Please note that this...
Mandriva Update for opensc MDVSA-2008:183 (opensc)
Check for the Version of opensc OpenVAS Vulnerability Test Mandriva Update for opensc MDVSA-2008:183 opensc Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Gentoo Security Advisory GLSA 200812-09 (opensc)
The remote host is missing updates announced in advisory GLSA 200812-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : opensc, opensc-devel (ZYPP Patch Number 5588)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization. CVE-2008-2235 NOTE: Already initialized cards are still vulnerable after this update...
Debian Security Advisory DSA 1627-2 (opensc)
The remote host is missing an update to opensc announced via advisory DSA 1627-2. OpenVAS Vulnerability Test $Id: deb16272.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1627-2 opensc Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...