Lucene search
+L

71 matches found

Debian CVE
Debian CVE
added 2024/01/29 4:46 p.m.29 views

CVE-2023-40551

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

5.1CVSS6.7AI score0.00394EPSS
Exploits0
Cvelist
Cvelist
added 2024/01/29 4:46 p.m.33 views

CVE-2023-40551 Shim: out of bounds read when parsing mz binaries

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

5.1CVSS6.5AI score0.00394EPSS
Exploits0References11
Cvelist
Cvelist
added 2024/01/29 4:29 p.m.48 views

CVE-2023-40550 Shim: out-of-bound read in verify_buffer_sbat()

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.6AI score0.00394EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2024/01/29 4:29 p.m.8 views

CVE-2023-40550 Shim: out-of-bound read in verify_buffer_sbat()

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.8AI score0.00394EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2024/01/29 4:29 p.m.30 views

CVE-2023-40550

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.8AI score0.00394EPSS
Exploits0
OSV
OSV
added 2024/01/29 3:15 p.m.15 views

AZL-35255 CVE-2023-40548 affecting package shim for versions less than 15.8-3

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7.3AI score0.00432EPSS
Exploits0References1
Prion
Prion
added 2024/01/29 3:15 p.m.31 views

Heap overflow

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

3.7CVSS7.7AI score0.00432EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2024/01/29 12:0 a.m.2 views

Red Hat Shim Security Breach

Red Hat Shim is a simple software package from Red Hat. It is intended to be used as a first-stage boot loader on UEFI systems. A security vulnerability exists in Red Hat Shim that stems from an out-of-bounds read issue, which could result in the exposure of sensitive data during the system boot...

5.5CVSS8.5AI score0.00394EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/01/25 5:18 p.m.28 views

CVE-2023-40550

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.2AI score0.00394EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/01/25 5:18 p.m.44 views

CVE-2023-40551

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

5.1CVSS6.2AI score0.00394EPSS
Exploits0References3
Prion
Prion
added 2024/01/25 4:15 p.m.26 views

Remote code execution

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

4.3CVSS8.4AI score0.04892EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2024/01/25 3:54 p.m.33 views

CVE-2023-40547 Shim: rce in http boot support may lead to secure boot bypass

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

8.3CVSS7.5AI score0.04892EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2024/01/25 3:54 p.m.1 views

CVE-2023-40547 Shim: rce in http boot support may lead to secure boot bypass

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

8.3CVSS8AI score0.04892EPSS
Exploits0References11
Cvelist
Cvelist
added 2024/01/25 3:54 p.m.36 views

CVE-2023-40547 Shim: rce in http boot support may lead to secure boot bypass

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

8.3CVSS8.7AI score0.04892EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2024/01/24 1:48 p.m.79 views

CVE-2023-40547

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

8.3CVSS9.6AI score0.04892EPSS
Exploits0References3
OSV
OSV
added 2024/01/23 12:0 a.m.1 views

UBUNTU-CVE-2023-40551

A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...

5.1CVSS6.7AI score0.00394EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/23 12:0 a.m.40 views

CVE-2023-40548

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7.1AI score0.00432EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/01/23 12:0 a.m.445 views

CVE-2023-40547

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

8.3CVSS7.5AI score0.04892EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.3 views

PT-2024-2765 · Shim +6 · Shim +6

Name of the Vulnerable Software and Affected Versions: Shim affected versions not specified Description: A flaw was found in the MZ binary format in Shim, which is related to an out-of-bounds read. This issue may cause a crash or potentially expose sensitive data during the system's boot phase...

8.3CVSS6.7AI score0.04892EPSS
Exploits2References123
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.4 views

PT-2024-2764 · Shim +6 · Shim +6

Name of the Vulnerable Software and Affected Versions: Shim affected versions not specified Description: The issue is related to an out-of-bounds read flaw in Shim when it attempts to validate the SBAT information. This flaw may expose sensitive data during the system's boot phase. Recommendation...

8.3CVSS6.5AI score0.04892EPSS
Exploits2References123
Rows per page
Query Builder