Opensc

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-06	CVE-2023-40661	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. low complexity opensc-project redhat CWE-119	6.4
2023-11-06	CVE-2023-4535	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. high complexity opensc-project redhat fedoraproject CWE-125	3.8
2023-08-22	CVE-2021-34193	Out-of-bounds Write vulnerability in Opensc Project Opensc Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs. network low complexity opensc-project CWE-787	7.5
2023-06-01	CVE-2023-2977	Out-of-bounds Read vulnerability in multiple products A vulnerbility was found in OpenSC. local low complexity opensc-project redhat CWE-125	7.1
2022-04-18	CVE-2021-42778	Double Free vulnerability in multiple products A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. network low complexity opensc-project fedoraproject redhat CWE-415	5.3
2022-04-18	CVE-2021-42779	Use After Free vulnerability in multiple products A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. network low complexity opensc-project fedoraproject redhat CWE-416	5.3
2022-04-18	CVE-2021-42780	Unchecked Return Value vulnerability in multiple products A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. network low complexity opensc-project fedoraproject redhat CWE-252	5.3
2022-04-18	CVE-2021-42781	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. network low complexity opensc-project fedoraproject redhat CWE-787	5.3
2022-04-18	CVE-2021-42782	Out-of-bounds Write vulnerability in multiple products Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library. network low complexity opensc-project fedoraproject CWE-787	5.3
2020-10-06	CVE-2020-26572	Out-of-bounds Write vulnerability in multiple products The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. local low complexity opensc-project fedoraproject debian CWE-787	5.5