Vulnerabilities > Redhat > Shim
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2023-40546 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in Shim when an error happened while creating a new ESL variable. | 5.5 |
| 2024-01-29 | CVE-2023-40549 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. | 5.5 |
| 2024-01-29 | CVE-2023-40550 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. | 5.5 |
| 2024-01-29 | CVE-2023-40551 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the MZ binary format in Shim. | 5.1 |
| 2024-01-29 | CVE-2023-40548 | Integer Overflow or Wraparound vulnerability in multiple products A buffer overflow was found in Shim in the 32-bit system. | 7.4 |
| 2024-01-25 | CVE-2023-40547 | Out-of-bounds Write vulnerability in Redhat Enterprise Linux and Shim A remote code execution vulnerability was found in Shim. | 8.3 |
| 2023-07-20 | CVE-2022-28737 | Out-of-bounds Write vulnerability in Redhat Shim There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. | 7.8 |
| 2014-10-22 | CVE-2014-3677 | Unspecified vulnerability in Redhat Shim Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption. | 7.5 |
| 2014-10-22 | CVE-2014-3676 | Out-Of-Bounds Write vulnerability in Redhat Shim Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option." | 7.5 |
| 2014-10-22 | CVE-2014-3675 | Out-Of-Bounds Read vulnerability in Redhat Shim Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. | 5.0 |