Lucene search
+L

138 matches found

OSV
OSV
added 2024/01/29 5:15 p.m.12 views

AZL-35277 CVE-2023-40550 affecting package shim-unsigned-x64 for versions less than 15.8-3

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.7AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2024/01/29 5:15 p.m.8 views

AZL-34159 CVE-2023-40550 affecting package shim for versions less than 15.8-1

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.7AI score0.00394EPSS
Exploits0References1
CVE
CVE
added 2024/01/29 4:29 p.m.205 views

CVE-2023-40550

CVE-2023-40550 affects Shim/shim in boot path; root cause is an out-of-bounds read during SBAT validation, potentially exposing sensitive data during system boot. Related IBM/DS8K/HMC advisories describe multiple Shim CVEs consolidated under Power HMC, including fixes in microcode bundles (DS8900...

5.5CVSS6.2AI score0.00394EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2024/01/29 4:29 p.m.30 views

CVE-2023-40550

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.8AI score0.00394EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/01/25 5:18 p.m.29 views

CVE-2023-40550

An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase...

5.5CVSS6.2AI score0.00394EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.4 views

PT-2024-2764 · Shim +6 · Shim +6

Name of the Vulnerable Software and Affected Versions: Shim affected versions not specified Description: The issue is related to an out-of-bounds read flaw in Shim when it attempts to validate the SBAT information. This flaw may expose sensitive data during the system's boot phase. Recommendation...

8.3CVSS6.5AI score0.04892EPSS
Exploits2References123
Oracle linux
Oracle linux
added 2023/10/27 12:0 a.m.282 views

grub2 security update

2.02-0.87.0.26.el79.9 - Enable common subpackage for aarch64 - Do not sign aarch64 efi binaries Orabug: 32670043 - Remove aarch64 deps on shim Orabug: 32670043 - Restore versioned certificate provide for aarch64 package to satisfy shim Orabug: 32670043 2.02-0.87.0.24.el79.9 - Replace...

6.9CVSS7AI score0.01284EPSS
Exploits0
Oracle linux
Oracle linux
added 2023/06/13 12:0 a.m.36 views

grub2 security update

2.06-46.0.4.el91.3 - Bump SBAT metadata for grub to 3 Orabug: 34872719 - Fix CVE-2022-3775 Orabug: 34871953 - Enable signing for aarch64 EFI - Fix signing certificate names - Enable back btrfs grub module for EFI pre-built image Orabug: 34360986 - Replaced bugzilla.oracle.com references Orabug:...

8.6CVSS6.9AI score0.00872EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/05/10 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2023:2150-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00332EPSS
Exploits0References15
OSV
OSV
added 2023/05/09 3:34 p.m.6 views

SUSE-SU-2023:2150-1 Security update for shim

This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...

7.8CVSS8.4AI score0.00332EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2023/05/03 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2023:2086-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00332EPSS
Exploits0References16
OSV
OSV
added 2023/05/02 1:19 p.m.8 views

SUSE-SU-2023:2086-1 Security update for shim

This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...

7.8CVSS8.3AI score0.00332EPSS
Exploits0References15
OSV
OSV
added 2023/04/17 7:34 a.m.6 views

SUSE-SU-2023:1863-1 Security update for shim

This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...

7.8CVSS8.3AI score0.00332EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2023/03/31 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2023:1702-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00332EPSS
Exploits0References14
OSV
OSV
added 2023/03/30 1:23 p.m.6 views

SUSE-SU-2023:1702-1 Security update for shim

This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...

7.8CVSS8.3AI score0.00332EPSS
Exploits0References13
Oracle linux
Oracle linux
added 2023/01/12 12:0 a.m.46 views

grub2 security update

2.06-46.0.4 - Bump SBAT metadata for grub to 3 Orabug: 34872719 2.06-46.0.3 - Fix CVE-2022-2601 and CVE-2022-3775 Orabug: 34871953 - Enable signing for aarch64 EFI...

8.6CVSS1.3AI score0.00872EPSS
Exploits0
OSV
OSV
added 2022/11/25 8:39 a.m.4 views

SUSE-SU-2022:4218-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2022-2601: Fixed buffer overflow in grubfontconstructglyph bsc1205178. - CVE-2022-3775: Fixed integer underflow in blitcomb bsc1205182. Other: - Bump upstream SBAT generation to 3...

8.6CVSS7.9AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2022/11/21 8:29 a.m.6 views

SUSE-SU-2022:4144-1 Security update for grub2

This update for grub2 fixes the following issues: Security Fixes: - CVE-2022-2601: Fixed buffer overflow in grubfontconstructglyph bsc1205178. - CVE-2022-3775: Fixed integer underflow in blitcomb bsc1205182. Other: - Bump upstream SBAT generation to 3...

8.6CVSS7.9AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2022/11/21 8:29 a.m.6 views

SUSE-SU-2022:4143-1 Security update for grub2

This update for grub2 fixes the following issues: Security Fixes: - CVE-2022-2601: Fixed buffer overflow in grubfontconstructglyph bsc1205178. - CVE-2022-3775: Fixed integer underflow in blitcomb bsc1205182. Other: - Bump upstream SBAT generation to 3...

8.6CVSS7.9AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2022/11/21 8:29 a.m.8 views

SUSE-SU-2022:4142-1 Security update for grub2

This update for grub2 fixes the following issues: Security Fixes: - CVE-2022-2601: Fixed buffer overflow in grubfontconstructglyph bsc1205178. - CVE-2022-3775: Fixed integer underflow in blitcomb bsc1205182. Other: - Bump upstream SBAT generation to 3...

8.6CVSS7.9AI score0.00872EPSS
Exploits0References5
Rows per page
Query Builder