opensc project

Top products

The 15 most recently published vulnerabilities affecting opensc project.

• CVE-2026-40528OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c3.8May 29, 2026
• CVE-2026-40510OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c3.8May 29, 2026
• CVE-2025-66215OpenSC: Stack-buffer-overflow WRITE in card-oberthur3.8Mar 30, 2026
• CVE-2025-66038OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers3.9Mar 30, 2026
• CVE-2025-66037OpenSC: Out of Bounds vulnerability3.9Mar 30, 2026
• CVE-2025-49010OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE3.8Mar 30, 2026
• CVE-2025-24531In OpenSC pam_pkcs11 before 0.6.13, pam_sm_authenticate() wrongly returns PAM_IGNORE in many error situations (such as an error triggered by a smartcard before login), allowing authentication bypass.6.7Jan 16, 2026
• CVE-2025-24032PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)10.0Feb 10, 2025
• CVE-2024-8443Libopensc: heap buffer overflow in openpgp driver when generating key2.9Sep 10, 2024
• CVE-2024-45620Libopensc: incorrect handling of the length of buffers or files in pkcs15init3.9Sep 3, 2024
• CVE-2024-45619Libopensc: incorrect handling length of buffers or files in libopensc4.3Sep 3, 2024
• CVE-2024-45618Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init3.9Sep 3, 2024
• CVE-2024-45617Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc3.9Sep 3, 2024
• CVE-2024-45616Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc3.9Sep 3, 2024
• CVE-2024-45615Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init3.9Sep 3, 2024