StrongSwan security vulnerabilities

strongSwan is an open-source VPN solution based on IPsec, developed by Andreas Steffen of Switzerland. This solution includes X.509 public key certificates, secure storage of private keys, and authentication mechanisms such as smart cards. strongSwan has a security vulnerability, which stems from...

StrongSwan security vulnerabilities

strongSwan is an open-source VPN solution based on IPsec, developed by Andreas Steffen of Switzerland. This solution includes X.509 public key certificates, secure storage of private keys, and authentication mechanisms such as smart cards. strongSwan has security vulnerabilities, which stem from...

Astra Linux - уязвимость в opensc

A vulnerability was discovered in OpenSC, OpenSC tools, the PKCS11 module, minidrivers, and CTK. An attacker could use a specially crafted USB device or smart card, causing the system to send specially crafted APDUs. Insufficient or missing checks on the return values of functions lead to...

CLSA-2026-1778674879 opensc: Fix of CVE-2024-45619

CVE-2024-45619: fix incorrect access of initialized parts of partially filled buffers triggered by crafted APDU responses from USB devices or smart cards...

Astra Linux - уязвимость в opensc

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process when using the pkcs15-init function. To exploit these vulnerabilities, an attacker must have physical access to the computer system and use a custom-constructed USB device or sma...

SUSE CVE-2025-13763

Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted USB device or smart card that would present the system with specially crafted responses to the APDUs...

SUSE-SU-2026:21283-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

[SECURITY] Fedora 43 Update: opensc-0.27.1-1.fc43

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the PKCS11 API so...

Linux Distros Unpatched Vulnerability : CVE-2025-49010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or...

EUVD-2019-6727

Malware in sbrugna...

EUVD-2008-2232

Malware in sbrugna...

EUVD-2010-4491

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-45617

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would...

opensc security update

An update is available for opensc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSC set of libraries and utilities provides support for working with...

The vulnerability of the SmartCardReader class in the Smart Cards for Windows service (formerly known as Smart Card Resource Manager) on Windows operating systems allows a malicious individual to disclose protected information.

The vulnerability of the SmartCardReader class in the Smart Cards for Windows service previously known as Smart Card Resource Manager in Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to disclose sensitive...

Amazon Linux 2 : opensc (ALAS-2024-2709)

The version of opensc installed on the remote host is prior to 0.19.0-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2709 advisory. It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and...

The vulnerability of the PKCS15-init personalization utility in the software and library set for working with smart cards in OpenSC allows a violator to gain unauthorized access to protected information.

The vulnerability of the pkcs15-init personalization utility for smart cards, a software tool and library for working with smart cards in OpenSC, is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized acce...

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

OESA-2024-2245 opensc security update

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to sma...

SUSE CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...