23 matches found
CVE-2019-25380
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script that allow attackers to inject malicious scripts through multiple parameters. Attackers can submit POST requests to dhcp.cgi with script payloads in parameters su...
CVE-2019-25380
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script. The vulnerability enables attackers to inject JavaScript via posted parameters (e.g., BOOT_SERVER, BOOT_FILE, BOOT_ROOT, START_ADDR, END_ADDR, DNS1, DNS2, NTP1,...
Linux Distros Unpatched Vulnerability : CVE-2023-40547
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows...
shim: RCE in http boot support may lead to Secure Boot bypass
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
AZL-35254 CVE-2023-40547 affecting package shim for versions less than 15.8-3
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
AZL-33895 CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-1
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
AZL-35278 CVE-2023-40547 affecting package shim-unsigned-x64 for versions less than 15.8-3
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
CVE-2023-40547
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
UBUNTU-CVE-2023-40547
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
PT-2023-8436 · Shim +7
Name of the Vulnerable Software and Affected Versions: Shim versions prior to 15.8 Description: A remote code execution vulnerability was found in Shim, a core component of secure boot in Linux. The vulnerability allows an attacker to craft a specific malicious HTTP request, leading to a complete...
Serva security vulnerability
Vercot Serva is an automated PXE server solution accelerator based on an all-in-one portable multi-server engine from Vercot U.S. Serva contains a remote buffer overflow vulnerability in the server that an attacker could exploit to cause a denial of service...
argon client management services <= 1.31 - Directory Traversal vuln
No description provided by source. Luigi Auriemma Application: Argon Client Management Services http://www.argontechnology.com/product.aspx/cid1/43 Versions: <= 1.31 TFTP Boot Server <= 2.5.3.1 Platforms: Windows Bug: directory traversal in TFTP Boot Server Exploitation: remote Date: 08 Mar 2008...
Directory traversal in Argon Client Management Services 1.31
Luigi Auriemma Application: Argon Client Management Services http://www.argontechnology.com/product.aspx/cid1/43 Versions: <= 1.31 TFTP Boot Server <= 2.5.3.1 Platforms: Windows Bug: directory traversal in TFTP Boot Server Exploitation: remote Date: 08 Mar 2008 Author: Luigi Auriemma e-mail:...
Argon Client Management Services <= 1.31 Directory Traversal Vuln
No description provided by source. Luigi Auriemma Application: Argon Client Management Services http://www.argontechnology.com/product.aspx/cid1/43 Versions: <= 1.31 TFTP Boot Server <= 2.5.3.1 Platforms: Windows Bug: directory traversal in TFTP Boot Server Exploitation: remote Date: 08 Mar 2008...