MiracleLinux 8 : edk2-20190829git37eef91017ad-9.el8 (AXSA:2020-915:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-915:01 advisory. edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib CVE-2019-14563 Tenable has extracted the preceding description block directly from the...

RHEL 7 : ovmf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: Malformed X.509 IPAdressFamily could cause OOB read CVE-2017-3735 - edk2: numeric truncation in...

CentOS 8 : edk2 (CESA-2020:1712)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1712 advisory. - edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib CVE-2019-14563 Note that Nessus has not tested for this issue but has instead relied only on the...

Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...

edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib

Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...