CVE-2023-4535

LOW Year: 2023
CVSS v3 Score
3.8
Low
Weakness Type
CWE-125
View all →

Vulnerability Description

An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.

Related Vulnerabilities

CVE-2020-11947

LOW
CVSS:3.8(Low)

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.

CWE-1252020

CVE-2020-17390

LOW
CVSS:3.8(Low)

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code o...

CWE-1252020

CVE-2020-3970

LOW
CVSS:3.8(Low)

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out...

CWE-1252020

CVE-2024-29948

LOW
CVSS:3.8(Low)

There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a ...

CWE-1252024

CVE-2024-31150

MEDIUM
CVSS:3.8(Low)

Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local access.

CWE-1252024

CVE-2017-15353

LOW
CVSS:3.7(Low)

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C...

CWE-1252017