Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/31 12:0 a.m.20 views

Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-6920-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6920-1 advisory. It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An...

9.8CVSS7.4AI score0.01338EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/07/30 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-6920-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.01338EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2024/07/29 4:18 a.m.37 views

USN-6920-1: EDK II vulnerabilities

It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. CVE-2017-5731 It was discovered that EDK II had an insufficient...

9.8CVSS7.4AI score0.01338EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2018:4155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.00441EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2018:4207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00441EPSS
Exploits0References5
Cent OS
Cent OS
added 2019/08/30 3:50 a.m.212 views

OVMF security update

CentOS Errata and Security Advisory CESA-2019:2125 An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7.3AI score0.03418EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2019/08/30 12:0 a.m.37 views

CentOS 7 : ovmf (CESA-2019:2125)

An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.5AI score0.03418EPSS
Exploits4References11
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.35 views

Scientific Linux Security Update : ovmf on 7.x (noarch) (2019:2125)

The remote Scientific Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the SLSA-2019:2125-1 advisory. Security Fixes: edk2: Privilege escalation via processing of malformed files in TianoCompress.c CVE-2017-5731 edk2: Privilege escalation via...

9.8CVSS7.6AI score0.03418EPSS
Exploits4References7
Amazon
Amazon
added 2019/08/23 12:0 a.m.55 views

Important: edk2

Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...

9.1CVSS8.1AI score0.02271EPSS
Exploits0
Cvelist
Cvelist
added 2019/03/27 7:16 p.m.22 views

CVE-2018-3613

Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...

7.5AI score0.00441EPSS
Exploits0References4
CVE
CVE
added 2019/03/27 7:16 p.m.148 views

CVE-2018-3613

CVE-2018-3613 is reported in multiple advisories (notably EDK II/UDK UEFI firmware). The underlying issue is a logic error in the EDK II Variable service module for EDK II/UDK2018/UDK2017/UDK2015. Exploitation could allow an authenticated user to escalate privileges, disclose information, or caus...

7.8CVSS7.3AI score0.00441EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.38 views

openSUSE Security Update : ovmf (openSUSE-2019-1017)

This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

7.8CVSS7.2AI score0.00441EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.36 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2018:4155-1)

This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. CVE-2017-5732: Fixed privilege...

7.8CVSS6.9AI score0.00441EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2018/12/24 12:0 a.m.44 views

openSUSE Security Update : ovmf (openSUSE-2018-1591)

This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

7.8CVSS7.2AI score0.00441EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/12/24 12:0 a.m.46 views

openSUSE Security Update : ovmf (openSUSE-2018-1590)

This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

7.8CVSS7.2AI score0.00441EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2018/12/23 12:0 a.m.26 views

openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4254-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.9AI score0.00441EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/12/23 12:0 a.m.35 views

openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4240-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.9AI score0.00441EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/12/22 6:9 p.m.102 views

Security update for ovmf (moderate)

This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

3.4AI score0.00441EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/12/21 12:0 a.m.34 views

SUSE SLES12 Security Update : ovmf (SUSE-SU-2018:4207-1)

This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. CVE-2017-5732: Fixed privilege...

7.8CVSS6.9AI score0.00441EPSS
Exploits0References15
OSV
OSV
added 2018/12/20 9:43 a.m.8 views

SUSE-SU-2018:4207-1 Security update for ovmf

This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

7.8CVSS8.3AI score0.00441EPSS
Exploits0References9
Rows per page
Query Builder