Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Opensc Project Subscribe
Total 30 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16418 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.6 MEDIUM
A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16393 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.8 MEDIUM
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16392 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.8 MEDIUM
Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16427 1 Opensc Project 1 Opensc 2019-08-06 2.1 LOW 4.3 MEDIUM
Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.
CVE-2018-16391 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.8 MEDIUM
Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16423 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.6 MEDIUM
A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16422 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.6 MEDIUM
A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16421 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.6 MEDIUM
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16420 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.6 MEDIUM
Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-16419 1 Opensc Project 1 Opensc 2019-08-06 4.6 MEDIUM 6.6 MEDIUM
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.