Lucene search
+L

30 matches found

OSV
OSV
added 2026/05/11 10:17 p.m.3 views

CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

8.6CVSS6.6AI score0.00157EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-1833

Malware in sbrugna...

7.5CVSS6AI score0.08598EPSS
Exploits1References28
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-45120

Malicious code in bioql PyPI...

6.2CVSS6.8AI score0.00409EPSS
Exploits0References11
F5 Networks
F5 Networks
added 2024/11/07 8:40 a.m.14 views

K000148421: Multiple Shim vulnerabilities

Security Advisory Description CVE-2023-40546 A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match th...

8.3CVSS7.7AI score0.04892EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/07/11 3:6 p.m.19 views

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign that began in August 2023, while also adding a new layer of stealth to evade detection. The fresh packages, about 60 in number and spanning 290 versions,...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/30 12:0 a.m.38 views

EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1776)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summar...

8.3CVSS7.9AI score0.04892EPSS
Exploits0References7
OSV
OSV
added 2024/02/02 11:6 a.m.5 views

OESA-2024-1118 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker...

8.3CVSS8.6AI score0.04892EPSS
Exploits0References6
OSV
OSV
added 2024/01/29 5:15 p.m.1 views

DEBIAN-CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

5.5CVSS6.7AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2024/01/29 5:15 p.m.12 views

AZL-35256 CVE-2023-40549 affecting package shim for versions less than 15.8-3

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

5.5CVSS6.6AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2024/01/29 5:15 p.m.6 views

AZL-34095 CVE-2023-40549 affecting package shim-unsigned-x64 for versions less than 15.8-1

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

5.5CVSS6.7AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2024/01/29 5:15 p.m.11 views

AZL-35264 CVE-2023-40549 affecting package shim-unsigned-aarch64 for versions less than 15.8-3

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

5.5CVSS6.7AI score0.00409EPSS
Exploits0References1
Prion
Prion
added 2024/01/29 5:15 p.m.29 views

Design/Logic Flaw

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

1.7CVSS6.8AI score0.00409EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2024/01/29 4:29 p.m.26 views

CVE-2023-40549 Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

6.2CVSS6.9AI score0.00409EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2024/01/29 4:29 p.m.33 views

CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

6.2CVSS6.6AI score0.00409EPSS
Exploits0
Prion
Prion
added 2024/01/29 3:15 p.m.31 views

Heap overflow

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

3.7CVSS7.7AI score0.00432EPSS
Exploits0References2Affected Software2
Debian CVE
Debian CVE
added 2024/01/29 2:53 p.m.38 views

CVE-2023-40548

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7.3AI score0.00432EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/01/25 5:18 p.m.40 views

CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service. Mitigation There's no available mitigati...

6.2CVSS6.2AI score0.00409EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/01/25 5:18 p.m.44 views

CVE-2023-40548

A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...

7.4CVSS7.9AI score0.00432EPSS
Exploits0References3
OSV
OSV
added 2024/01/23 12:0 a.m.4 views

UBUNTU-CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

6.2CVSS6.7AI score0.00409EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/23 12:0 a.m.38 views

CVE-2023-40549

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

6.2CVSS7AI score0.00409EPSS
Exploits0References1
Rows per page
Query Builder