71 matches found
CVE-2025-10451
CVE-2025-10451 affects Insyde InsydeH2O (EFI/UEFI) with an unchecked output buffer that can enable arbitrary code execution in System Management Mode (SMM) and may cause SMM memory corruption. The CVE is described as a H19Int15CallbackSmm memory-corruption vulnerability in combined DXE/SMM (SMRAM...
EUVD-2020-19730
Malware in sbrugna...
EUVD-2023-45118
Malicious code in bioql PyPI...
EUVD-2023-45122
Malicious code in bioql PyPI...
EUVD-2023-45121
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-40548
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE...
Linux Distros Unpatched Vulnerability : CVE-2023-40551
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's...
Linux Distros Unpatched Vulnerability : CVE-2023-40550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
Azure Linux 3.0 Security Update: shim (CVE-2023-40551)
The version of shim installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40551 advisory. - A flaw was found in the MZ binary format in Shim. An out-of-bounds read May occur, leading to a crash or...
Azure Linux 3.0 Security Update: shim / shim-unsigned-aarch64 / shim-unsigned-x64 (CVE-2023-40550)
The version of shim / shim-unsigned-aarch64 / shim-unsigned-x64 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40550 advisory. - An out-of-bounds read flaw was found in Shim when it tried to...
EulerOS 2.0 SP8 : shim (EulerOS-SA-2024-2051)
According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summar...
EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1753)
According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact...
EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1602)
According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. Thi...
Oracle Linux 7 : shim (ELSA-2024-1959)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1959 advisory. - Full list of fixed CVEs: CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 Orabug: 36271343 - Update to...
SUSE SLES15 Security Update : shim (SUSE-SU-2024:1461-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1461-1 advisory. - There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function...
shim: Out-of-bound read in verify_buffer_sbat()
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
shim: out of bounds read when parsing MZ binaries
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...
SUSE CVE-2023-40548
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...
shim: Out-of-bound read in verify_buffer_sbat()
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...
shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...