6 matches found
DEBIAN-CVE-2025-66037
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzzpkcs15reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, scpkcs15pubkeyfromspkifields allocates a zero-length buffer...
EUVD-2019-6921
Malware in sbrugna...
Medium: opensc
Issue Overview: A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where...
Iris ID IrisAccess iCAM4000iCAM7000 - Hard-Coded Credentials Remote Shell Access
Iris ID IrisAccess iCAM4000iCAM7000 - Hard-Coded Credentials Remote Shell Access Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Credentials Remote Shell Access Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/irisaccesssystem/irisaccess4000/...
CVE-2010-4530
CVE-2010-4530 affects the USB CCID driver (libccid) within the Generic USB Chip/Smart Card Interface Devices stack, notably in pcscd/PCSC-Lite 1.5.3 and related packages. The issue is triggered in ccid_serial.c by processing a smart card serial number, where a crafted negative value can be used i...
openSUSE 10 Security Update : libopensc2 (libopensc2-5587)
This update fixes a security issues with opensc that occured when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization CVE-2008-2235. NOTE: Already initialized cards are still vulnerable after this update...