Vulnerabilities > Opensc Project

DATE CVE VULNERABILITY TITLE RISK
2020-10-06 CVE-2020-26571 Out-of-bounds Write vulnerability in multiple products
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
5.5
2020-10-06 CVE-2020-26570 Out-of-bounds Write vulnerability in multiple products
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
5.5
2020-04-29 CVE-2019-20792 Double Free vulnerability in Opensc Project Opensc
OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
low complexity
opensc-project CWE-415
6.8
2020-01-30 CVE-2013-1866 Link Following vulnerability in Opensc Project Opensc
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability
low complexity
opensc-project CWE-59
6.1
2019-12-01 CVE-2019-19481 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opensc Project Opensc 0.19.0/0.20.0
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3.
low complexity
opensc-project CWE-119
4.6
2019-12-01 CVE-2019-19480 Operation on a Resource after Expiration or Release vulnerability in Opensc Project Opensc
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3.
low complexity
opensc-project CWE-672
4.6
2019-12-01 CVE-2019-19479 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3.
5.5
2019-09-06 CVE-2019-16058 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opensc Project Opensc 0.2.0/0.3.0
An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC.
network
low complexity
opensc-project CWE-119
7.5
2019-09-05 CVE-2019-15946 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.
6.4
2019-09-05 CVE-2019-15945 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c.
6.4