Lucene search
+L

11 matches found

osv
osv
added 2026/07/08 12:0 a.m.5 views

ALSA-2026:36721 Moderate: edk2 security, bug fix, and enhancement update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Bug Fixes and Enhancements: FJ8.10 Bug How to Updat...

7.5CVSS6.7AI score0.01744EPSS
Exploits0References4
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in edk2

The Ubuntu edk2 UEFI firmware packages accidentally allowed access to the UEFI Shell in Secure Boot environments, potentially enabling bypass of Secure Boot restrictions. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some earlier versions introduced a security measure base...

8.8CVSS5.7AI score0.00116EPSS
Exploits0References1
euvd
euvd
added 2025/11/26 6:31 p.m.8 views

EUVD-2025-199745

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

7CVSS6.4AI score0.00256EPSS
Exploits0References2
osv
osv
added 2025/11/26 6:15 p.m.3 views

DEBIAN-CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS8AI score0.00116EPSS
Exploits0References1
osv
osv
added 2025/11/26 6:15 p.m.3 views

UBUNTU-CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS5.8AI score0.00116EPSS
Exploits0References2
cvelist
cvelist
added 2025/11/26 5:33 p.m.13 views

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

7CVSS0.00116EPSS
Exploits0References1
debiancve
debiancve
added 2025/11/26 5:33 p.m.6 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS8AI score0.00116EPSS
Exploits0
alpinelinux
alpinelinux
added 2025/11/26 5:33 p.m.6 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS7AI score0.00256EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/03/11 12:0 a.m.7 views

编号撤回

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. This CVE number has been withdrawn...

6.8AI score
Exploits0References2
osv
osv
added 2021/04/02 4:4 a.m.6 views

OPENSUSE-SU-2021:0495-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579 This update was imported from the SUSE:SLE-15-SP2:Update update project...

7.8CVSS7.3AI score0.00399EPSS
Exploits2References5
redhat
redhat
added 2019/05/08 1:44 p.m.99 views

Important: Red Hat Security Advisory: redhat-virtualization-host security update

An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.3AI score0.02255EPSS
Exploits0References6
Rows per page
Query Builder