Shim
Monthly
A buffer overflow was found in Shim in the 32-bit system. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
A remote code execution vulnerability was found in Shim. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
A buffer overflow was found in Shim in the 32-bit system. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
A remote code execution vulnerability was found in Shim. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows local users to cause a denial of service via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.