Lucene search
K

986 matches found

CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.8 views

CVE-2026-22796 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2026-22796 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

5.3CVSS5.4AI score0.00502EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.5 views

CVE-2025-68160 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2025-68160 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

4.7CVSS5.4AI score0.00152EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.5 views

CVE-2025-69421 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2025-69421 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

7.5CVSS5.4AI score0.00844EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.20 views

CVE-2026-22795 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2026-22795 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

5.5CVSS5.8AI score0.00144EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.6 views

CVE-2025-2295 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2025-2295 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

3.5CVSS5.5AI score0.00226EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/02/09 11:35 p.m.4 views

CVE-2025-69420 affecting package edk2 for versions less than 20240524git3e722403cd16-14

CVE-2025-69420 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...

7.5CVSS5.4AI score0.00768EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/02/05 10:9 p.m.6 views

CVE-2025-2295 affecting package edk2 for versions less than 20230301gitf80f052277c8-45

CVE-2025-2295 affecting package edk2 for versions less than 20230301gitf80f052277c8-45. A patched version of the package is available...

3.5CVSS5.3AI score0.00226EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/02/03 6:43 p.m.6 views

CVE-2025-15467 affecting package edk2 for versions less than 20240524git3e722403cd16-12

CVE-2025-15467 affecting package edk2 for versions less than 20240524git3e722403cd16-12. A patched version of the package is available...

9.8CVSS5.2AI score0.47621EPSS
Exploits7
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2026-1110)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.4AI score0.0037EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.7 views

EulerOS Virtualization 2.10.1 : edk2 (EulerOS-SA-2026-1110)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an...

5.9CVSS6AI score0.0037EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.0 : edk2 (EulerOS-SA-2026-1161)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an...

5.9CVSS6AI score0.0037EPSS
Exploits0References2
OSV
OSV
added 2026/01/27 4:16 p.m.7 views

AZL-76119 CVE-2026-22795 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

5.5CVSS6.4AI score0.00144EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

AZL-75905 CVE-2026-22796 affecting package edk2 for versions less than 20240524git3e722403cd16-14

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

5.3CVSS7AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

AZL-76122 CVE-2025-69420 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

7.5CVSS5.8AI score0.00768EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.6 views

AZL-75896 CVE-2025-69420 affecting package edk2 for versions less than 20240524git3e722403cd16-14

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

7.5CVSS7.1AI score0.00768EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

AZL-76113 CVE-2025-69421 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...

7.5CVSS6.1AI score0.00844EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.7 views

AZL-76116 CVE-2025-69419 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

7.4CVSS7.2AI score0.00444EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.4 views

AZL-75908 CVE-2025-15467 affecting package edk2 for versions less than 20240524git3e722403cd16-14

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

9.8CVSS7.7AI score0.47621EPSS
Exploits7References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: edk2 (CVE-2022-3996)

The version of edk2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3996 advisory. - If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write...

7.5CVSS7.4AI score0.01625EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-6.el8_9.3 (AXSA:2024-7542:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7542:02 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 Tenable has extracted the preceding description block directly from the...

5.3CVSS7AI score0.05533EPSS
Exploits0References2
Rows per page
Query Builder