Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opencryptoki project opencryptoki vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2024-0914
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
Opencryptoki Project Opencryptoki
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.5
CVSSv3
CVE-2021-3798
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid...
Opencryptoki Project Opencryptoki
NA
CVE-2012-4454
openCryptoki prior to 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
Opencryptoki Project Opencryptoki 2.3.3
Opencryptoki Project Opencryptoki 2.2.7
Opencryptoki Project Opencryptoki 2.2.4
Opencryptoki Project Opencryptoki 2.2.3
Opencryptoki Project Opencryptoki 2.2.8
Opencryptoki Project Opencryptoki 2.2.5
Opencryptoki Project Opencryptoki 2.3.1
Opencryptoki Project Opencryptoki
Opencryptoki Project Opencryptoki 2.2.4.1
Opencryptoki Project Opencryptoki 2.3.2
Opencryptoki Project Opencryptoki 2.3.0
Opencryptoki Project Opencryptoki 2.2.6
NA
CVE-2012-4455
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/.
Opencryptoki Project Opencryptoki 2.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started