Lucene search
+L

26 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : appstream-data-8-20200724.el8, fwupd-1.4.2-4.0.2.el8, gnome-software-3.36.1-4.el8, libxmlb-0.1.15-1.el8 (AXSA:2021-1476:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1476:01 advisory. fwupd: Possible bypass in signature verification CVE-2020-10759 Tenable has extracted the preceding description block directly from the MiracleLinux security...

6CVSS5.6AI score0.0049EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 7 : fwupd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - fwupd: Possible bypass in signature verification CVE-2020-10759 Note that Nessus has not tested for this issue but...

6CVSS6.9AI score0.0049EPSS
Exploits1References1
OSV
OSV
added 2022/08/05 11:4 a.m.4 views

OESA-2022-1801 fwupd security update

aims to make updating firmware on Linux automatic, safe and reliable. Security Fixes: A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because th...

6CVSS6.3AI score0.0049EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.29 views

AlmaLinux 8 : gnome-software and fwupd (ALSA-2020:4436)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4436 advisory. - A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is...

6CVSS5.9AI score0.0049EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2020:1681-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6AI score0.0049EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:1107-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6AI score0.0049EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/04/09 12:0 a.m.47 views

openSUSE Security Update : fwupd (openSUSE-2021-522)

This update for fwupd fixes the following issues : - Update to version 1.2.14: bsc1182057 - Add SBAT section to EFI images bsc1182057 - CVE-2020-10759: Validate that gpgmeopverifyresult returned at least one signature bsc1172643 This update was imported from the SUSE:SLE-15-SP2:Update update...

6CVSS5.9AI score0.0049EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/04/09 12:0 a.m.34 views

SUSE SLED15 / SLES15 Security Update : fwupd (SUSE-SU-2021:1107-1)

This update for fwupd fixes the following issues : Update to version 1.2.14: bsc1182057 Add SBAT section to EFI images bsc1182057 CVE-2020-10759: Validate that gpgmeopverifyresult returned at least one signature bsc1172643 Note that Tenable Network Security has extracted the preceding description...

6CVSS6AI score0.0049EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.32 views

CentOS 8 : gnome-software and fwupd (CESA-2020:4436)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4436 advisory. - fwupd: Possible bypass in signature verification CVE-2020-10759 Note that Nessus has not tested for this issue but has instead relied only on the application'...

6CVSS6AI score0.0049EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.23 views

Oracle Linux 8 : gnome-software / and / fwupd (ELSA-2020-4436)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4436 advisory. - Add signing with redhatsecureboot503 cert Related: CVE-2020-10713 - Security fix for CVE-2020-10759 Tenable has extracted the preceding description block...

8.2CVSS7.3AI score0.01068EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.39 views

RHEL 8 : gnome-software and fwupd (RHSA-2020:4436)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4436 advisory. The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data...

6CVSS6.1AI score0.0049EPSS
Exploits1References11
OSV
OSV
added 2020/11/03 12:4 p.m.28 views

RLSA-2020:4436 Low: gnome-software and fwupd security, bug fix, and enhancement update

The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...

5.7CVSS6.4AI score0.0049EPSS
Exploits1References7
OSV
OSV
added 2020/11/03 12:4 p.m.28 views

ALSA-2020:4436 Low: gnome-software and fwupd security, bug fix, and enhancement update

The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...

6CVSS6.4AI score0.0049EPSS
Exploits1References5
AlmaLinux
AlmaLinux
added 2020/11/03 12:4 p.m.28 views

Low: gnome-software and fwupd security, bug fix, and enhancement update

The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...

6CVSS6.5AI score0.0049EPSS
Exploits1References6
OSV
OSV
added 2020/09/15 7:15 p.m.11 views

CVE-2020-10759

A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...

6CVSS5.8AI score0.0049EPSS
Exploits1References2
NVD
NVD
added 2020/09/15 7:15 p.m.21 views

CVE-2020-10759

A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...

6CVSS0.0049EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2020/09/15 6:37 p.m.37 views

CVE-2020-10759

A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...

6CVSS5.9AI score0.0049EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.35 views

openSUSE Security Update : fwupd (openSUSE-2020-849)

This update for fwupd fixes the following issues : - CVE-2020-10759: Fixed a potential PGP signature bypass, which could have led to installation of unsigned firmware bsc1172643 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descripti...

6CVSS6AI score0.0049EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/07/17 12:0 a.m.21 views

Debian: Security Advisory (DLA-2274-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6.4AI score0.0049EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.33 views

Fedora 31 : fwupd (2020-ad1c74c2a1)

New upstream release - Actually reload the DFU device after upgrade has completed - Capture the dock SKU in report metadata - Correctly set the Logitech device protocol - Do not use shim for non-secure boot configurations - Ensure that the DeviceID is set for child devices - Fix an error when...

6CVSS5.9AI score0.0049EPSS
Exploits1References2
Rows per page
Query Builder