Vulnerabilities > Opensc Project

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-8443 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver.
high complexity
opensc-project redhat CWE-787
2.9
2024-09-03 CVE-2024-45615 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45616 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45617 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45618 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in pkcs15-init in OpenSC.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45619 Classic Buffer Overflow vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
low complexity
redhat opensc-project CWE-120
4.3
2024-09-03 CVE-2024-45620 Classic Buffer Overflow vulnerability in multiple products
A vulnerability was found in the pkcs15-init tool in OpenSC.
high complexity
redhat opensc-project CWE-120
3.9
2024-02-12 CVE-2024-1454 Use After Free vulnerability in multiple products
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards.
3.4
2024-01-31 CVE-2023-5992 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant.
network
high complexity
opensc-project redhat CWE-203
5.9
2023-11-06 CVE-2023-40660 Improper Authentication vulnerability in multiple products
A flaw was found in OpenSC packages that allow a potential PIN bypass.
low complexity
opensc-project redhat CWE-287
6.6