Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/25 8:44 p.m.6 views

CVE-2026-27015

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in smartcardunpackreadsizealign libfreerdp/utils/smartcardpack.c:1703 allows a malicious RDP server to crash the FreeRDP client via a reachable WINPRASSERT → abort. The crash occurs in...

6.5CVSS5.5AI score0.00256EPSS
Exploits1References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.2 views

SUSE CVE-2018-16425

A double free when handling responses from an HSM Card in scpkcs15emuschsminit in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

4.6CVSS7.9AI score0.0066EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/01/11 6:0 p.m.20 views

CVE-2018-4179

In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs. This issue was addressed with additional logic...

6AI score0.00325EPSS
Exploits0References1
OSV
OSV
added 2019/01/08 9:50 p.m.7 views

MGASA-2019-0019 Updated opensc packages fix security vulnerabilities

Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.8CVSS6.4AI score0.00692EPSS
Exploits12References3
Debian CVE
Debian CVE
added 2018/09/03 2:0 p.m.12 views

CVE-2018-16393

Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified...

6.8CVSS7.4AI score0.00645EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2016/06/06 3:55 p.m.2 views

spice: heap-based memory corruption within smartcard handling

A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash the QEMU-KVM process or execute arbitrary code wit...

10CVSS6.2AI score0.08492EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2016/06/06 12:0 a.m.39 views

spice-server security update

0.12.4-13.1 - Fix heap-based memory corruption within smartcard handling Resolves: CVE-2016-0749 - Fix host memory access from guest with invalid primary surface parameters Resolves: CVE-2016-2150...

10CVSS2.8AI score0.08492EPSS
Exploits0
Oracle linux
Oracle linux
added 2016/06/06 12:0 a.m.30 views

spice security update

0.12.4-15.1 - Fix heap-based memory corruption within smartcard handling Resolves: CVE-2016-0749 - Fix host memory access from guest with invalid primary surface parameters Resolves: CVE-2016-2150...

10CVSS2.7AI score0.08492EPSS
Exploits0
Rows per page
Query Builder