Known Vulnerabilities for products from Opensc Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Opensc Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40528 json | OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the do_key_value() f... | Not Provided | 2026-05-29 | 2026-07-14 |
| CVE-2026-40510 json | OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv_process_history() in... | Not Provided | 2026-05-29 | 2026-07-14 |
| CVE-2025-66215 json | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the co... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2025-66038 json | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2025-66037 json | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2025-49010 json | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the co... | Not Provided | 2026-03-30 | 2026-04-01 |
| CVE-2024-45620 json | A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which ... | Not Provided | 2024-09-03 | 2026-06-30 |
| CVE-2024-45619 json | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB D... | Not Provided | 2024-09-03 | 2026-06-30 |
| CVE-2024-45618 json | A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would pre... | Not Provided | 2024-09-03 | 2026-06-30 |
| CVE-2024-45617 json | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB D... | Not Provided | 2024-09-03 | 2026-06-30 |
| CVE-2024-45616 json | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB D... | Not Provided | 2024-09-03 | 2026-06-30 |
| CVE-2024-45615 json | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initializati... | Not Provided | 2024-09-03 | 2026-06-30 |
| CVE-2024-8443 json | A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with... | Not Provided | 2024-09-10 | 2026-06-30 |
| CVE-2023-40661 json | Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using ... | 6.4 - MEDIUM | 2023-11-06 | 2023-11-14 |
| CVE-2023-40660 json | A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it ... | 6.6 - MEDIUM | 2023-11-06 | 2023-11-14 |
| CVE-2023-5992 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.9 - MEDIUM | 2024-01-31 | 2024-03-16 |
| CVE-2023-4535 json | An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encrypti... | 3.8 - LOW | 2023-11-06 | 2023-11-14 |
| CVE-2023-2977 json | A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_pa... | 7.1 - HIGH | 2023-06-01 | 2023-11-07 |
| CVE-2021-42782 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2023-06-21 |
| CVE-2021-42781 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-04-18 | 2023-06-21 |
Known software with vulnerabilities from Opensc Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opensc Project | Opensc | 0.12.2 |