3608 matches found
edk2 security, bug fix, and enhancement update
An update is available for edk2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...
Moderate: Red Hat Security Advisory: edk2 security, bug fix, and enhancement update
An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, resulting in an out-of-bound write. This issue can be exploited by an attacker to overwrite grub2’s sensitive heap data, ultimately allowing th...
Astra Linux – Vulnerability in grub2
When reading the .mo file in grubmofileopen, grub2 fails to verify an integer overflow during the allocation of its internal buffer. A specially crafted .mo file may cause the buffer size calculation to overflow, resulting in out-of-bound reads and writes. This flaw allows an attacker to leak...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...
June 23, 2026—KB5095093 (OS Builds 26200.8737 and 26100.8737) Preview
June 23, 2026—KB5095093 OS Builds 26200.8737 and 26100.8737 Preview This cumulative update for Windows 11, version 25H2 and 24H2 KB5095093, includes production-quality improvements. Announcements and messages This section provides key notifications related to this release, including...
Vendor-signed UEFI applications found vulnerable to Secure Boot bypass
Overview Multiple vendor-signed UEFI applications are vulnerable to Secure Boot bypass via a "Bring Your Own Vulnerable Driver" BYOVD-style attack. If a target system trusts the affected vendor’s certificate, an attacker can exploit these applications to execute arbitrary code during the early...
SUSE CVE-2026-8863
Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...
CVE-2026-48573
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-48570
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-48576
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-48578
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-48568
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-48575
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-45654
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-45588
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63...
EUVD-2026-35525
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
EUVD-2026-35523
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
EUVD-2026-35526
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...