Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54390

Malicious code in bioql PyPI...

4.5CVSS4.9AI score0.00466EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.26 views

CBL Mariner 2.0 Security Update: opensc (CVE-2023-4535)

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4535 advisory. - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling...

4.5CVSS5.5AI score0.00466EPSS
Exploits0References2
NVD
NVD
added 2023/11/06 5:15 p.m.18 views

CVE-2023-4535

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

4.5CVSS4.8AI score0.00466EPSS
Exploits0References9
OSV
OSV
added 2023/11/06 5:15 p.m.7 views

AZL-31945 CVE-2023-4535 affecting package opensc for versions less than 0.23.0-2

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

3.8CVSS7.1AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2023/11/06 5:15 p.m.28 views

CVE-2023-4535

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

3.8CVSS3.9AI score0.00466EPSS
Exploits0References9
Prion
Prion
added 2023/11/06 5:15 p.m.19 views

Cross site scripting

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

3.7CVSS6.5AI score0.00466EPSS
Exploits0References9Affected Software3
Cvelist
Cvelist
added 2023/11/06 4:57 p.m.23 views

CVE-2023-4535 Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

4.5CVSS5.4AI score0.00466EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2023/11/06 4:57 p.m.25 views

CVE-2023-4535

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...

4.5CVSS5.2AI score0.00466EPSS
Exploits0
CVE
CVE
added 2023/11/06 4:57 p.m.162 views

CVE-2023-4535

CVE-2023-4535 affects OpenSC, specifically the MyEID driver’s handling of symmetric key encryption. The vulnerability is an out-of-bounds read in the OpenSC MyEID driver, which can be exploited by a physically proximate attacker using a crafted USB device or smart card to manipulate APDU response...

4.5CVSS4.9AI score0.00466EPSS
Exploits0References9Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2019/08/19 12:0 a.m.80 views

Recommended update for dkgpg, libTMCG (moderate)

openSUSE Security Update: Recommended update for dkgpg, libTMCG Announcement ID: openSUSE-SU-2019:1951-1 Rating: moderate References: Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that contains security fixes can now be installed. Description: This update for dkgpg, libTMCG...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/03/12 12:0 a.m.5 views

July 24, 2018—KB4338827 (OS Build 15063.1235)

July 24, 2018—KB4338827 OS Build 15063.1235 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses additional issues with updated time zone information. Changes the music metadata servi...

5.9AI score
Exploits0
Fedora
Fedora
added 2018/06/20 1:57 a.m.39 views

[SECURITY] Fedora 28 Update: gnupg-1.4.23-1.fc28

GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...

7.5CVSS2.7AI score0.08654EPSS
Exploits0
OSV
OSV
added 2016/01/29 11:2 a.m.6 views

MGASA-2016-0038 Updated chrony packages fix security vulnerability

In chrony before 1.31.2, when used with symmetric key encryption, the client would accept packets encrypted with keys for any configured server, allowing a server to impersonate other servers to clients, thus performing a man-in-the-middle attack CVE-2016-1567...

8.1CVSS7.9AI score0.0264EPSS
Exploits1References4
Mageia
Mageia
added 2016/01/29 11:2 a.m.29 views

Updated chrony packages fix security vulnerability

In chrony before 1.31.2, when used with symmetric key encryption, the client would accept packets encrypted with keys for any configured server, allowing a server to impersonate other servers to clients, thus performing a man-in-the-middle attack CVE-2016-1567...

8.1CVSS3.8AI score0.0264EPSS
Exploits1References3
Fedora
Fedora
added 2013/10/12 12:3 a.m.47 views

[SECURITY] Fedora 19 Update: gnupg-1.4.15-1.fc19

GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...

5.8CVSS2.7AI score0.0503EPSS
Exploits0
Fedora
Fedora
added 2013/10/10 2:48 p.m.26 views

[SECURITY] Fedora 20 Update: gnupg-1.4.15-1.fc20

GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...

5.8CVSS2.7AI score0.0503EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.27 views

Fedora Update for gnupg FEDORA-2007-316

Check for the Version of gnupg OpenVAS Vulnerability Test Fedora Update for gnupg FEDORA-2007-316 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

10CVSS7.8AI score0.07173EPSS
Exploits1References2
Fedora
Fedora
added 2007/03/12 7:15 p.m.52 views

[SECURITY] Fedora Core 5 Update: gnupg-1.4.7-1

GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...

10CVSS2.7AI score0.07173EPSS
Exploits1
Rows per page
Query Builder