CVSS: 3.4EPSS: 0%CPEs: 9EXPL: 0CVE-2024-8443 – Libopensc: heap buffer overflow in openpgp driver when generating key
https://notcve.org/view.php?id=CVE-2024-8443
10 Sep 2024 — A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution. Se encontró una vulnerabilidad de desbordamiento de búfer en el montón en el controlador OpenPGP de libopensc. Un dispositivo USB o una tarjeta inteligente creados con respuestas maliciosas a las APDU durante... • https://access.redhat.com/security/cve/CVE-2024-8443 • CWE-122: Heap-based Buffer Overflow •
CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45620 – Libopensc: incorrect handling of the length of buffers or files in pkcs15init
https://notcve.org/view.php?id=CVE-2024-45620
03 Sep 2024 — A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. • https://access.redhat.com/security/cve/CVE-2024-45620 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 0CVE-2024-45619 – Libopensc: incorrect handling length of buffers or files in libopensc
https://notcve.org/view.php?id=CVE-2024-45619
03 Sep 2024 — A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause ... • https://access.redhat.com/security/cve/CVE-2024-45619 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45618 – Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init
https://notcve.org/view.php?id=CVE-2024-45618
03 Sep 2024 — A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. • https://access.redhat.com/security/cve/CVE-2024-45618 • CWE-457: Use of Uninitialized Variable •
CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45617 – Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc
https://notcve.org/view.php?id=CVE-2024-45617
03 Sep 2024 — A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a s... • https://access.redhat.com/security/cve/CVE-2024-45617 • CWE-457: Use of Uninitialized Variable •
CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45616 – Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc
https://notcve.org/view.php?id=CVE-2024-45616
03 Sep 2024 — A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a s... • https://access.redhat.com/security/cve/CVE-2024-45616 • CWE-457: Use of Uninitialized Variable •
CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45615 – Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init
https://notcve.org/view.php?id=CVE-2024-45615
03 Sep 2024 — A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to ot... • https://access.redhat.com/security/cve/CVE-2024-45615 • CWE-457: Use of Uninitialized Variable •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 1CVE-2024-45492 – libexpat: integer overflow
https://notcve.org/view.php?id=CVE-2024-45492
30 Aug 2024 — An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX. Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. Versions greater than or equal... • https://github.com/nidhihcl75/external_expat_2.6.2_CVE-2024-45492 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-45490 – libexpat: Negative Length Parsing Vulnerability in libexpat
https://notcve.org/view.php?id=CVE-2024-45490
30 Aug 2024 — An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An attacker could use this issu... • https://github.com/libexpat/libexpat/issues/887 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2024-45491 – libexpat: Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2024-45491
30 Aug 2024 — An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. ... • https://github.com/libexpat/libexpat/issues/888 • CWE-190: Integer Overflow or Wraparound •