Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensc project opensc 0.19.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-19481
An issue exists in OpenSC up to and including 0.19.0 and 0.20.x up to and including 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates.
Opensc Project Opensc 0.20.0
Opensc Project Opensc 0.19.0
5
CVSSv2
CVE-2019-6502
sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv.
Opensc Project Opensc 0.19.0
4.6
CVSSv2
CVE-2018-16421
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have uns...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16423
A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Opensc Project Opensc
2.1
CVSSv2
CVE-2018-16427
Various out of bounds reads when handling responses in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16391
Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspeci...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16392
Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified ...
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16418
A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Opensc Project Opensc
2.1
CVSSv2
CVE-2018-16426
Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs.
Opensc Project Opensc
4.6
CVSSv2
CVE-2018-16419
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspe...
Opensc Project Opensc
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »