Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensc project opensc vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-6502
sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.
Opensc Project Opensc 0.19.0
4.6
CVSSv2
CVE-2018-16418
A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16419
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspe...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16420
Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have ...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16421
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have uns...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16422
A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possib...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16423
A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Opensc Project Opensc
2.1
CVSSv2
CVE-2018-16426
Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs.
Opensc Project Opensc
2.1
CVSSv2
CVE-2018-16427
Various out of bounds reads when handling responses in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16424
A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Opensc Project Opensc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »