CVE-2024-1454

LOW Year: 2024
CVSS v3 Score
3.4
Low
Weakness Type
CWE-416
View all →

Vulnerability Description

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can allow for compromised card management operations during enrolment.

Related Vulnerabilities

CVE-2019-15919

LOW
CVSS:3.3(Low)

An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.

CWE-4162019

CVE-2019-17143

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in th...

CWE-4162019

CVE-2019-6756

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.4.0.16811. User interaction is required to exploit this vulnerability in ...

CWE-4162019

CVE-2019-6758

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that t...

CWE-4162019

CVE-2019-6766

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that...

CWE-4162019

CVE-2019-6770

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that...

CWE-4162019