AZL-35256 CVE-2023-40549 affecting package shim for versions less than 15.8-3

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

Design/Logic Flaw

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

Design/Logic Flaw

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

CVE-2023-40551 Shim: out of bounds read when parsing mz binaries

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

CVE-2023-40551 Shim: out of bounds read when parsing mz binaries

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

CVE-2023-40551

CVE-2023-40551 affects the Shim bootloader (MZ binary format) with an out-of-bounds read that can crash the boot process or expose data. Connected advisories confirm this issue across shim-related deployments and list fixes: Debian LTS advisory for shim up to 15.8-1/15.8-1~deb10u1 and IBM securit...

CVE-2023-40551

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

Heap overflow

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

CVE-2023-40548

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

CyberPower PowerPanel Enterprise Detection

Binary data cyberpowerppedetect.nbin...

Vim Installed (Linux)

Binary data vimnixinstalled.nbin...

CyberPower PowerPanel Enterprise Authentication Bypass (CVE-2023-3265)

Binary data cyberpowerppecve-2023-3265.nbin...

Apple iOS < 17 Multiple Vulnerabilities (HT213938)

Binary data appleios17check.nbin...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

Pwnkit Exploit Instructions I did not write this. This is on...

FreeBSD : rclone -- Multiple vulnerabilities (b5e22ec5-bc4b-11ee-b0b5-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b5e22ec5-bc4b-11ee-b0b5-b42e991fc52e advisory. - A race condition in go-resty can result in HTTP request body disclosure across requests. Thi...

Protobuf vs JSON

A Beginners Guide to Understanding Protobuf & JSON When you dive into the sphere of data serialization, you're likely to encounter two dominant players - Protobuf, the colloquial term for Protocol Buffers, and JSON, standing for JavaScript Object Notation. Both of these formats carry distinctive...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache-parent, apache-sshd (SUSE-SU-2024:0224-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0224-1 advisory. - Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD =...

CVE-2023-40551

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. Mitigation There's no available mitigati...