Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opencryptoki project opencryptoki vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0914
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
Opencryptoki Project Opencryptoki
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2021-3798
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid...
Opencryptoki Project Opencryptoki
258
VMScore
CVE-2012-4454
openCryptoki prior to 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) .pkapi_xpk or (2) .pkcs11spinloc file in /tmp.
Opencryptoki Project Opencryptoki 2.3.3
Opencryptoki Project Opencryptoki 2.2.7
Opencryptoki Project Opencryptoki 2.2.4
Opencryptoki Project Opencryptoki 2.2.3
Opencryptoki Project Opencryptoki 2.2.8
Opencryptoki Project Opencryptoki 2.2.5
Opencryptoki Project Opencryptoki 2.3.1
Opencryptoki Project Opencryptoki
Opencryptoki Project Opencryptoki 2.2.4.1
Opencryptoki Project Opencryptoki 2.3.2
Opencryptoki Project Opencryptoki 2.3.0
Opencryptoki Project Opencryptoki 2.2.6
552
VMScore
CVE-2012-4455
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the (1) LCK..opencryptoki or (2) LCK..opencryptoki_stdll file in /var/lock/.
Opencryptoki Project Opencryptoki 2.4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started