986 matches found
Moderate: Red Hat Security Advisory: edk2 security, bug fix, and enhancement update
An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
CVE-2026-45447 affecting package edk2 for versions less than 20240524git3e722403cd16-18
CVE-2026-45447 affecting package edk2 for versions less than 20240524git3e722403cd16-18. A patched version of the package is available...
SUSE-SU-2026:0741-2 Security update for shim
This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory - SbatLevelVariable.txt: minor typo fix. - Realloc needs to...
RHSA-2026:18465 Red Hat Security Advisory: edk2 security update
Bulletin has no description...
RHSA-2026:18320 Red Hat Security Advisory: edk2 security update
Bulletin has no description...
Astra Linux – Vulnerability in edk2
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows...
Astra Linux – Vulnerability in edk2
EDK2 contains a vulnerability when the S3 sleep mechanism is activated. In this case, an attacker may cause a Division-by-Zero error due to a UNIT32 overflow through local access. Successful exploitation of this vulnerability could result in a loss of availability...
Astra Linux – Vulnerability in edk2
EDK2’s Network Package is vulnerable to a buffer overflow vulnerability when processing the DNS Server option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity, and/or...
Astra Linux – Vulnerability in edk2
The Ubuntu edk2 UEFI firmware packages accidentally allowed access to the UEFI Shell in Secure Boot environments, potentially enabling bypass of Secure Boot restrictions. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some earlier versions introduced a security measure base...
Moderate: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 10 : edk2 (RHSA-2026:18320)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18320 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...
RHEL 10 : edk2 (RHSA-2026:18465)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18465 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...
SUSE CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: edk2 (UTSA-2026-017405)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017405 advisory. A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as we...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: edk2 (UTSA-2026-017403)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017403 advisory. NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. Tenable has extracted the preceding description block directly from the Unity Linux security advisory...
CVE-2026-28389 affecting package edk2 for versions less than 20240524git3e722403cd16-16
CVE-2026-28389 affecting package edk2 for versions less than 20240524git3e722403cd16-16. A patched version of the package is available...
CVE-2026-28390 affecting package edk2 for versions less than 20240524git3e722403cd16-16
CVE-2026-28390 affecting package edk2 for versions less than 20240524git3e722403cd16-16. A patched version of the package is available...
Important: edk2
Issue Overview: Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NU...
Fedora 43 : edk2 (2026-a484707720)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a484707720 advisory. unbreak https boot ---- update openssl to 3.5.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
CVE-2025-69419 affecting package edk2 for versions less than 20240524git3e722403cd16-15
CVE-2025-69419 affecting package edk2 for versions less than 20240524git3e722403cd16-15. A patched version of the package is available...