Lucene search
K

285 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004028)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004028 advisory. An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivarssdt ACPI variable could be used by...

6.9CVSS6.8AI score0.00514EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.12 views

PT-2026-27717

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to the freeing of EFI boot services memory. The efi free boot services function incorrectly uses memblock free late to free memory reserved wit...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References167
The Hacker News
The Hacker News
added 2025/12/19 8:25 a.m.80 views

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access DMA attacks across architectures that implement a Unified Extensible Firmware Interface UEFI and...

7CVSS6.8AI score0.00314EPSS
Exploits0
NVD
NVD
added 2025/12/16 6:16 p.m.5 views

CVE-2025-62864

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...

9.8CVSS0.00314EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/12/09 3:0 p.m.5 views

CVE-2024-38798

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...

5.8CVSS5.2AI score0.00123EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.2 views

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from improper input validation and could lead to arbitrary command execution...

8.4CVSS6.8AI score0.00669EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/06 5:54 p.m.10 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS6.9AI score0.00256EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/11/29 1:2 a.m.5 views

UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu

...

8.8CVSS7AI score0.00113EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/11 4:51 p.m.7 views

CVE-2025-35968

Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

7.1CVSS0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46437

Name of the Vulnerable Software and Affected Versions UEFI firmware with Slim Bootloader affected versions not specified Description A flaw exists in the UEFI firmware for the Slim Bootloader that could allow for privilege escalation. A local attacker with privileged user access and high complexi...

7.1CVSS5.7AI score0.00103EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989074 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports 0 that his recent...

5.5CVSS6AI score0.00219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989446)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989446 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is...

6.2CVSS6.1AI score0.00237EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/11/01 1:1 a.m.3 views

efi: Don't map the entire mokvar table to determine its size

...

5.5CVSS7AI score0.00189EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987643 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports 0 that his recent...

5.5CVSS6AI score0.00219EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/14 7:9 p.m.2 views

CVE-2025-33182

NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service...

7.6CVSS6.4AI score0.00304EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987171 advisory. In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmigetvariable We can get EFI variables without fetching the attribute, ...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: microcode_ctl (UTSA-2025-984678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984678 advisory. Improper input validation in UEFI firmware for some IntelR processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS7.6AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: microcode_ctl (UTSA-2025-984695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984695 advisory. Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS7.2AI score0.00237EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25798

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00326EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27914

Malicious code in bioql PyPI...

6.2AI score0.00191EPSS
Exploits0References4
Rows per page
Query Builder