Known Vulnerabilities for products from Opensc Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Opensc Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-66215 | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the co... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2025-66038 | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2025-66037 | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2025-49010 | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the co... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2021-42782 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2023-06-21 |
| CVE-2021-42781 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2023-06-21 |
| CVE-2021-42780 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2023-06-21 |
| CVE-2021-42779 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2023-06-21 |
| CVE-2021-42778 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2022-09-29 |
| CVE-2021-34193 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-08-22 | 2023-08-28 |
| CVE-2020-26572 | The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. | 5.5 - MEDIUM | 2020-10-06 | 2023-11-07 |
| CVE-2020-26571 | The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gems... | 5.5 - MEDIUM | 2020-10-06 | 2023-11-07 |
| CVE-2020-26570 | The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file... | 5.5 - MEDIUM | 2020-10-06 | 2023-11-07 |
| CVE-2019-20792 | OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c la... | 6.8 - MEDIUM | 2020-04-29 | 2020-05-26 |
| CVE-2019-19481 | An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limit... | 4.6 - MEDIUM | 2019-12-01 | 2023-11-07 |
| CVE-2019-19480 | An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect fre... | 4.6 - MEDIUM | 2019-12-01 | 2023-11-07 |
| CVE-2019-19479 | An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read... | 5.5 - MEDIUM | 2019-12-01 | 2023-11-07 |
| CVE-2019-16058 | An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a lengt... | 7.5 - HIGH | 2019-09-06 | 2019-09-12 |
| CVE-2019-15946 | OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. | 6.4 - MEDIUM | 2019-09-05 | 2023-11-07 |
| CVE-2019-15945 | OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. | 6.4 - MEDIUM | 2019-09-05 | 2023-11-07 |
Known software with vulnerabilities from Opensc Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opensc Project | Opensc | 0.2.0 |