153 matches found
EUVD-2018-8258
Malware in sbrugna...
EUVD-2018-8262
Malware in sbrugna...
EUVD-2018-8266
Malware in sbrugna...
EUVD-2018-8267
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-16392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several buffer overflows when handling responses from a TCOS Card in tcosselectfile in libopensc/card- tcos.c in OpenSC before 0.19.0-rc1 could be used by...
Linux Distros Unpatched Vulnerability : CVE-2018-16419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several buffer overflows when handling responses from a Cryptoflex card in readpublickey in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by...
Linux Distros Unpatched Vulnerability : CVE-2018-16427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially cras...
Linux Distros Unpatched Vulnerability : CVE-2018-16424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double free when handling responses in readfile in tools/egk-tool.c aka the eGK card tool in OpenSC before 0.19.0-rc1 could be used by attackers able to suppl...
Linux Distros Unpatched Vulnerability : CVE-2018-16426
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Endless recursion when handling responses from an IAS-ECC card in iaseccselectfile in libopensc/card- iasecc.c in OpenSC before 0.19.0-rc1 could be used by...
Linux Distros Unpatched Vulnerability : CVE-2018-16422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A single byte buffer overflow when handling responses from an esteid Card in scpkcs15emuesteidinit in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 coul...
CVE-2021-3011
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access and consequently produce a...
Buffer Overflow
libopensc.so is vulnerable to Buffer Overflows. The vulnerability exists due to a lack of validation in smartcards in the library, which allows an attacker to send maliciously crafted responses to APDU commands through a malicious smartcard or USB devices, possibly resulting in an application cra...
Oracle Linux 7 : opensc (ELSA-2019-2154)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2154 advisory. 0.19.0-3 - Make OpenSC multilib also on s390 and ppc arches 0.19.0-2 - Make OpenSC multilib again by moving the conflicting files on ix86 arch 0.19.0-1...
SUSE CVE-2018-16391
Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
SUSE CVE-2018-16393
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified...
SUSE CVE-2018-16419
Several buffer overflows when handling responses from a Cryptoflex card in readpublickey in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
SUSE CVE-2018-16418
A buffer overflow when handling string concatenation in utilacltostr in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
SUSE CVE-2018-16422
A single byte buffer overflow when handling responses from an esteid Card in scpkcs15emuesteidinit in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified othe...
SUSE CVE-2018-16421
Several buffer overflows when handling responses from a CAC Card in cacgetserialnrfromCUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
SUSE CVE-2018-16424
A double free when handling responses in readfile in tools/egk-tool.c aka the eGK card tool in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...