Lucene search
K
Opensc-projectOpensc

5 matches found

CVE
CVE
added 2011/01/07 7:0 p.m.92 views

CVE-2010-4523

OpenSC (libopensc) is affected by CVE-2010-4523: multiple stack-based buffer overflows in OpenSC

7.2CVSS7.4AI score0.00862EPSS
CVE
CVE
added 2009/05/11 4:0 p.m.84 views

CVE-2009-1603

CVE-2009-1603 affects OpenSC 0.11.7, specifically src/tools/pkcs11-tool.c. When used with unspecified third‑party PKCS#11 modules, it generates RSA keys with incorrect public exponents, allowing an attacker to read the cleartext form of messages that were intended to be encrypted. This vulnerabil...

7.5CVSS7.2AI score0.01091EPSS
CVE
CVE
added 2009/03/02 10:0 p.m.78 views

CVE-2009-0368

OpenSC (the OpenSC package) is affected by CVE-2009-0368. The vulnerability allows private data objects on smartcards initialized with OpenSC to be read without authentication, demonstrated via a low-level APDU command or via debugging tools (e.g., reading specific files with opensc-explorer/open...

2.1CVSS7.3AI score0.01215EPSS
CVE
CVE
added 2008/08/01 2:0 p.m.61 views

CVE-2008-2235

OpenSC (pre-0.11.5) is affected by CVE-2008-2235 due to weak permissions on the 5015 directory for Siemens CardOS M4 smart cards and USB tokens, allowing a physically proximate attacker to change the PIN. The OpenSC/OpenSC-devel packages are the impacted components; the root cause is improper acc...

4.9CVSS7.3AI score0.00393EPSS
CVE
CVE
added 2008/09/10 3:0 p.m.60 views

CVE-2008-3972

CVE-2008-3972 relates to OpenSC prior to 0.11.6 where security updates to a smart card are not applied unless the card label matches “OpenSC”; this can allow physically proximate attackers to bypass patched vulnerabilities (as linked to CVE-2008-2235). Connected OpenVAS entries show SLES9/SLES10 ...

6.6CVSS6.3AI score0.00369EPSS