30 matches found
Azure Linux 3.0 Security Update: shim-unsigned-aarch64 (CVE-2019-14584)
The version of shim-unsigned-aarch64 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-14584 advisory. - Null pointer dereference in Tianocore EDK2 May allow an authenticated user to potentially...
CVE-2019-14584 affecting package shim-unsigned-aarch64 for versions less than 15.8-5
CVE-2019-14584 affecting package shim-unsigned-aarch64 for versions less than 15.8-5. An upgraded version of the package is available that resolves this issue...
CVE-2019-14584 affecting package shim-unsigned-x64 for versions less than 15.8-5
CVE-2019-14584 affecting package shim-unsigned-x64 for versions less than 15.8-5. An upgraded version of the package is available that resolves this issue...
SUSE SLES12 Security Update : ovmf (SUSE-SU-2021:2117-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2117-1 advisory. - Fixed a possible buffer overflow in IScsiDxe bsc1186151 - CVE-2021-28211: ovmf: edk2: possible heap corruption with...
SUSE: Security Advisory (SUSE-SU-2021:2117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3884-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3885-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-14584
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-14584
CVE-2019-14584 is a null pointer dereference in Tianocore EDK2 that may allow an authenticated local user to escalate privileges. Affected component: EDK II firmware (EDK2) used in various distributions; multiple advisories reference a local-privilege-escalation vulnerability. The Connected docum...
CVE-2019-14584
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-14584
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...
openSUSE Security Update : shim (openSUSE-2021-598)
This update for shim fixes the following issues : - Updated openSUSE x86 signature - Avoid the error message during linux system boot boo1184454 - Prevent the build id being added to the binary. That can cause issues with the signature Update to 15.4 boo1182057 + Rename the SBAT variable and fix...
openSUSE: Security Advisory for shim (openSUSE-SU-2021:0598-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2020:3883-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : ovmf (openSUSE-2020-2314)
This update for ovmf fixes the following issues : - CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify bsc1177789. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
openSUSE Security Update : ovmf (openSUSE-2020-2336)
This update for ovmf fixes the following issues : - CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify bsc1177789. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
Updated edk2 packages fix multiples security vulnerabilities
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...
Security fix for the ALT Linux 10 package edk2 version 20201127-alt1
Jan. 17, 2021 Alexey Shabalin 20201127-alt1 - edk2-stable202011 Fixes: CVE-2019-14584, CVE-2019-11098...
Ubuntu: Security Advisory (USN-4684-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4684-1: EDK II vulnerabilities
Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS...