Vulnerabilities > Opensc Project > Low

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-8443 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver.
high complexity
opensc-project redhat CWE-787
2.9
2024-09-03 CVE-2024-45620 Classic Buffer Overflow vulnerability in multiple products
A vulnerability was found in the pkcs15-init tool in OpenSC.
high complexity
redhat opensc-project CWE-120
3.9
2024-09-03 CVE-2024-45618 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in pkcs15-init in OpenSC.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45617 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45616 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
high complexity
redhat opensc-project CWE-908
3.9
2024-09-03 CVE-2024-45615 Use of Uninitialized Resource vulnerability in multiple products
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
high complexity
redhat opensc-project CWE-908
3.9
2024-02-12 CVE-2024-1454 Use After Free vulnerability in multiple products
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards.
3.4
2023-11-06 CVE-2023-4535 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption.
3.8
2018-09-04 CVE-2018-16426 Uncontrolled Recursion vulnerability in Opensc Project Opensc
Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs.
local
low complexity
opensc-project CWE-674
2.1
2018-09-04 CVE-2018-16427 Out-of-bounds Read vulnerability in Opensc Project Opensc
Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.
local
low complexity
opensc-project CWE-125
2.1