168 matches found
DrvEye
drivertool A static-analysis & exploitation-triage toolkit...
Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...
SUSE-SU-2026:1414-1 Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory - SbatLevelVariable.txt: minor typo fix. - Realloc needs to...
CVE-2026-39856
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
CVE-2026-39853
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...
EUVD-2026-20942
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...
PT-2026-31646
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pe page hash calc. When page hash processing is performed on a PE file, the function...
SUSE-RU-2026:20683-1 Recommended update for shim
This update for shim fixes the following issues: This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory -...
OPENSUSE-RU-2026:20325-1 Recommended update for shim
This update for shim fixes the following issues: This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory -...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : shim (SUSE-SU-2026:0741-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0741-1 advisory. shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols -...
Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...
[SECURITY] Fedora 42 Update: osslsigncode-2.12-1.fc42
osslsigncode is a small tool that implements part of the functionality of the Microsoft tool signtool.exe - more exactly the Authenticode signing and timestamping. But osslsigncode is based on OpenSSL and cURL, and thus should be able to compile on most platforms where these exist...
[SECURITY] Fedora 43 Update: osslsigncode-2.12-1.fc43
osslsigncode is a small tool that implements part of the functionality of the Microsoft tool signtool.exe - more exactly the Authenticode signing and timestamping. But osslsigncode is based on OpenSSL and cURL, and thus should be able to compile on most platforms where these exist...
Fake 7-Zip downloads are turning home PCs into proxy nodes
A convincing lookalike of the popular 7-Zip archiver site has been serving a trojanized installer that silently converts victims’ machines into residential proxy nodes—and it has been hiding in plain sight for some time. “I’m so sick to my stomach” A PC builder recently turned to Reddit’s...
MiracleLinux 8 : shim-15.8-4.el8_9.ML.1 (AXSA:2024-7744:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7744:01 advisory. shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...
CVE-2023-40012
uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Versions of uthenticode prior to the 2.x series did not check Extended Key Usages in certificates, in violation of the Authenticode X.509 certificate profile. As a result, a malicious user could...
SUSE-RU-2026:20056-1 Recommended update for shim
This update for shim fixes the following issues: This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory -...
[SECURITY] [DLA 4426-1] osslsigncode security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4426-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA December 30, 2025 https://wiki.debian.org/LTS -...
EUVD-2021-20459
Malware in sbrugna...