Search CVE reports


11 – 20 of 53 results


CVE-2023-40661

Medium priority

Some fixes available 2 of 4

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker...

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Fixed Fixed Not affected

CVE-2023-40660

Medium priority

Some fixes available 2 of 4

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed....

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Fixed Fixed Not affected

CVE-2023-2977

Medium priority

Some fixes available 4 of 7

A vulnerability was found in OpenSC. This security flaw causes a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context....

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Fixed Fixed Fixed

CVE-2022-0497

Medium priority
Needs evaluation

A vulnerability was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations.

1 affected package

openscad

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openscad Not affected Needs evaluation Needs evaluation

CVE-2022-0496

Medium priority
Needs evaluation

A vulnerability was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import().

1 affected package

openscad

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openscad Not affected Needs evaluation Needs evaluation

CVE-2021-43519

Low priority
Needs evaluation

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

45 affected packages

enigma, freeciv, freedroidrpg, fs-uae, golly...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
enigma Not affected Not affected Not affected Not affected
freeciv Not affected Not affected Not affected Not affected
freedroidrpg Needs evaluation Needs evaluation Needs evaluation Needs evaluation
fs-uae Needs evaluation Needs evaluation Needs evaluation Needs evaluation
golly Needs evaluation Needs evaluation Needs evaluation Needs evaluation
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation
grub2 Not affected Not affected Not affected Not affected
gtk2-engines Not affected Not affected Not affected Not affected
haskell-hslua Not affected Not affected Not affected Not affected
hedgewars Not affected Not affected Not affected Not affected
lua5.1 Not affected Not affected Not affected Not affected
lua5.2 Not affected Not affected Not affected Not affected
lua5.3 Not affected Not affected Not affected Not affected
lua5.4 Not affected Not affected Not in release Not in release
lua50 Not in release Not in release Not affected Not affected
luajit Not affected Not affected Not affected Not affected
mame Not affected Not affected Not affected Not affected
naev Needs evaluation Needs evaluation Needs evaluation
openscenegraph Not affected Not affected Not affected Not affected
redis Not affected Not affected Not affected Not affected
rust-lua52-sys Needs evaluation Needs evaluation Needs evaluation
scite Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scorched3d Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scummvm Not affected Not affected Not affected Not affected
spring Not affected Not affected Not affected Not affected
syslinux Not affected Not affected Not affected Not affected
syslinux-legacy Not in release Not in release Not affected Not affected
tagua Not affected Not affected Not affected Not affected
tarantool Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected
tup Needs evaluation Needs evaluation Needs evaluation
ufoai Not affected Not affected Not affected Not affected
vifm Needs evaluation Needs evaluation Needs evaluation Needs evaluation
wcc Needs evaluation Needs evaluation Needs evaluation Needs evaluation
wesnoth
widelands Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmoto Not affected Not affected Not affected Not affected
zfs-linux Not affected Not affected Not affected Not affected
ardour Not affected Not affected Not affected Not affected
bam Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blobby Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ceph Not affected Not affected Not affected Not affected
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
eja Not in release Needs evaluation Needs evaluation Needs evaluation
emscripten Needs evaluation Needs evaluation Needs evaluation

CVE-2021-42782

Medium priority

Some fixes available 1 of 8

Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Not affected Fixed Ignored

CVE-2021-42781

Medium priority
Ignored

Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Not affected Not affected Not affected

CVE-2021-42780

Medium priority

Some fixes available 3 of 8

A use-after-return issue was found in Opensc before version 0.22.0 in the insert_pin function that could potentially crash programs using the library.

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Not affected Fixed Fixed

CVE-2021-42779

Medium priority
Ignored

A heap use-after-free issue was found in Opensc before version 0.22.0 in sc_file_valid.

1 affected package

opensc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
opensc Not affected Not affected Ignored Ignored