20 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-14575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Logic issue in DxeImageVerificationHandler for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...
SUSE: Security Advisory (SUSE-SU-2020:0568-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0699-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0495-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated edk2 packages fix multiples security vulnerabilities
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...
CVE-2019-14575
Logic issue in DxeImageVerificationHandler for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-14575
Logic issue in DxeImageVerificationHandler for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-14575
CVE-2019-14575 affects the EDK II firmware, describing a logic issue in DxeImageVerificationHandler() that may let an authenticated local user escalate privileges. The vulnerability is documented across multiple advisories (edk2 firmware references and related Nessus/Debian/DLA entries). The avai...
CVE-2019-14575
Logic issue in DxeImageVerificationHandler for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...
Security fix for the ALT Linux 9 package edk2-tools version 20200229-alt1
20200229-alt1 built July 22, 2020 Alexey Shabalin in task 254589 --- May 16, 2020 Alexey Shabalin - edk2-stable202002 Fixes: CVE-2019-14575, CVE-2019-14559, CVE-2019-14587, CVE-2019-14558, CVE-2019-14586, CVE-2019-14563...
EulerOS Virtualization for ARM 64 3.0.6.0 : edk2 (EulerOS-SA-2020-1689)
According to the versions of the edk2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3....
Security fix for the ALT Linux 10 package edk2 version 20200229-alt1
May 16, 2020 Alexey Shabalin 20200229-alt1 - edk2-stable202002 Fixes: CVE-2019-14575, CVE-2019-14559, CVE-2019-14587, CVE-2019-14558, CVE-2019-14586, CVE-2019-14563...
EulerOS Virtualization for ARM 64 3.0.2.0 : edk2 (EulerOS-SA-2020-1574)
According to the versions of the edk2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3....
Ubuntu: Security Advisory (USN-4349-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...
USN-4349-1: EDK II vulnerabilities
A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. CVE-2018-12178 A buffer overflow was discovered in BlockIo service. An...
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2020-1574)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : ovmf (openSUSE-2020-314)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation bsc1163959. - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences bsc1153072. - CVE-2019-14559:...
openSUSE: Security Advisory for ovmf (openSUSE-SU-2020:0314-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES12 Security Update : ovmf (SUSE-SU-2020:0495-1)
This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth bsc1094291. CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation bsc1163959. CVE-2019-14559:...