925 matches found
CVE-2022-28737
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
AZL-35252 CVE-2022-28737 affecting package shim for versions less than 15.8-3
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
Design/Logic Flaw
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737 There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737 There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
CVE-2022-28737
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
UBUNTU-CVE-2023-36377
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files...
PT-2023-24001 · L7 Networks · L7 Networks Instantqos Iq-8000 +1
Name of the Vulnerable Software and Affected Versions: L7 Networks InstantScan IS-8000 & InstantQoS IQ-8000 affected versions not specified Description: The file uploading function in the affected devices does not properly restrict the upload of files with dangerous types. This allows an...
The vulnerability of the DIAEnergie industrial energy consumption management system, related to the use of pre-set accounting data, allows a perpetrator to execute arbitrary codes.
The vulnerability of the DIAEnergie energy consumption management system involves the use of pre-set accounting data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by uploading executable files into specific directories...
ITPison OMICARD EDM 代码问题漏洞
ITPison OMICARD EDM is a high-speed newsletter EDM marketing and distribution system from the Chinese company ITPison. ITPison OMICARD EDM suffers from a code issue vulnerability that originates from an unrestricted dangerous type file upload vulnerability, which can be exploited by an attacker...
Threat Roundup for May 5 to May 12
Today, Talos is publishing a glimpse into the most prevalent threats weve observed between May 5 and May 12. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...
Fedora: Security Advisory for mingw-binutils (FEDORA-2023-d6560c7198)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: mingw-binutils-2.37-8.fc36
Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...
[SECURITY] Fedora 37 Update: mingw-binutils-2.38-8.fc37
Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...
USN-6036-1: PatchELF vulnerability
It was discovered that PatchELF was not properly performing bounds checks, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. CVE-2022-44940...
CVE-2023-0975
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...
Design/Logic Flaw
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...
Fedora: Security Advisory for mingw-binutils (FEDORA-2023-15c6e4be28)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: mingw-binutils-2.39-6.fc38
Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...