Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : ovmf-20180508-3.gitee3198e672e2.el7.1 (AXSA:2019-3846:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3846:01 advisory. Security Fix - ovmf IO CVE-2018-12180 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux securit...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.29 views

Oracle Linux 7 : edk2 (ELSA-2019-4785)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4785 advisory. 1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel...

9.1CVSS7.7AI score0.93838EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.37 views

CentOS 8 : edk2 (CESA-2019:0968)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:0968 advisory. - edk2: Buffer Overflow in BlockIo service for RAM disk CVE-2018-12180 Note that Nessus has not tested for this issue but has instead relied only on the...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/05/01 12:0 a.m.38 views

Ubuntu: Security Advisory (USN-4349-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.3AI score0.02271EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.38 views

Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...

9.1CVSS7.3AI score0.02271EPSS
Exploits0References10
Ubuntu
Ubuntu
added 2020/04/30 10:54 p.m.82 views

USN-4349-1: EDK II vulnerabilities

A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. CVE-2018-12178 A buffer overflow was discovered in BlockIo service. An...

9.1CVSS7.3AI score0.02271EPSS
Exploits0
Amazon
Amazon
added 2019/08/23 12:0 a.m.55 views

Important: edk2

Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...

9.1CVSS8.1AI score0.02271EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.32 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : ovmf Vulnerability (NS-SA-2019-0076)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ovmf packages installed that are affected by a vulnerability: - Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.28 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Vulnerability (NS-SA-2019-0083)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ovmf packages installed that are affected by a vulnerability: - Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/05/08 1:44 p.m.99 views

Important: Red Hat Security Advisory: redhat-virtualization-host security update

An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.3AI score0.02255EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/05/07 12:0 a.m.37 views

RHEL 8 : edk2 (RHSA-2019:0968)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0968 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/05/01 12:0 a.m.65 views

CentOS 7 : ovmf (CESA-2019:0809)

An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS8AI score0.02255EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/24 12:0 a.m.36 views

Scientific Linux Security Update : ovmf on (20190423)

Security Fixes : - edk2: Buffer Overflow in BlockIo service for RAM disk CVE-2018-12180 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid124262; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate",...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/24 12:0 a.m.38 views

RHEL 7 : ovmf (RHSA-2019:0809)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0809 advisory. OVMF Open Virtual Machine Firmware is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/04/23 2:32 p.m.51 views

Important: Red Hat Security Advisory: ovmf security update

An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS7.3AI score0.02255EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2019/04/02 12:0 a.m.38 views

Security fix for the ALT Linux 10 package edk2 version 20190308-alt1

April 2, 2019 Alexey Shabalin 20190308-alt1 - edk2-stable201903 Fixes: CVE-2018-12178, CVE-2018-12180, CVE-2018-12181, CVE-2018-3630...

6.8CVSS7.8AI score0.02271EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/04/01 12:0 a.m.45 views

openSUSE Security Update : ovmf (openSUSE-2019-1083)

This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. -...

9.1CVSS8.2AI score0.02271EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2019/03/30 12:0 a.m.190 views

Security update for ovmf (important)

openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2019:1083-1 Rating: important References: 1127820 1127821 1127822 Cross-References: CVE-2018-12178 CVE-2018-12180 CVE-2018-3630 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities is now...

9.1CVSS9.6AI score0.02271EPSS
Exploits0References3
OSV
OSV
added 2019/03/27 8:29 p.m.9 views

CVE-2018-12180

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...

8.8CVSS8.9AI score
Exploits0References8
CVE
CVE
added 2019/03/27 7:22 p.m.157 views

CVE-2018-12180

CVE-2018-12180 refers to a Buffer Overflow in the BlockIo service of EDK II (RAM Disk). The vulnerability enables an unauthenticated attacker to potentially escalate privileges, disclose information, or cause denial of service via network access. Connected advisories (Ubuntu USN-4349-1, CentOS 8 ...

8.8CVSS8.5AI score0.02255EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder