Doug Engert

2 exploits Active since Apr 2022
CVE-2026-40510 WRITEUP LOW WRITEUP
OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c
OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv_process_history() in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longer than 118 bytes in the Key History Object ASN.1 response.
CVSS 3.8
CVE-2021-42782 WRITEUP MEDIUM WRITEUP
OpenSC < 0.22.0 - Stack Buffer Overflow
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
CVSS 5.3