Lucene search
K

986 matches found

OpenVAS
OpenVAS
added 2025/12/19 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for EDK2 (EulerOS-SA-2025-2571)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS6.7AI score0.0023EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.6 views

EulerOS Virtualization 2.13.0 : EDK2 (EulerOS-SA-2025-2571)

According to the versions of the EDK2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access. Successful...

7CVSS7.1AI score0.0023EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2025/12/11 12:0 a.m.8 views

edk2 security update

20250905-4 - Create new 20250905 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where a...

7CVSS7.1AI score0.05966EPSS
Exploits0
OSV
OSV
added 2025/12/09 4:17 p.m.6 views

AZL-72559 CVE-2025-2296 affecting package hvloader for versions less than 1.0.1-15

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00669EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.6 views

AZL-72556 CVE-2025-2296 affecting package edk2 for versions less than 20230301gitf80f052277c8-44

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00669EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.3 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS0.00669EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.8 views

AZL-72545 CVE-2025-2296 affecting package edk2 for versions less than 20240524git3e722403cd16-11

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00669EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

CVE-2024-38798

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...

5.8CVSS5.8AI score
Exploits0References1
Debian CVE
Debian CVE
added 2025/12/09 3:0 p.m.5 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS5.7AI score0.00669EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/12/09 3:0 p.m.4 views

CVE-2024-38798 Uncleared password keystrokes in circular queue can lead to information disclosure or escalation of privilege

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...

5.8CVSS5.9AI score0.00123EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-2296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...

8.4CVSS6.2AI score0.00669EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-38798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Exposure of Sensitive Information to an Unauthorized Actor by local access. Successful...

5.8CVSS5.8AI score0.00123EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2025/12/03 12:0 a.m.21 views

edk2 security update

20250905-4.el8 - Create new 20250905 release for OL8 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause "Protection Mechanism Failure" by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where...

7CVSS6.5AI score0.05966EPSS
Exploits0
EUVD
EUVD
added 2025/11/26 6:31 p.m.7 views

EUVD-2025-199745

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

7CVSS6.4AI score0.00256EPSS
Exploits0References2
NVD
NVD
added 2025/11/26 6:15 p.m.11 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS0.00113EPSS
Exploits0References1
OSV
OSV
added 2025/11/26 6:15 p.m.3 views

DEBIAN-CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS8AI score0.00113EPSS
Exploits0References1
OSV
OSV
added 2025/11/26 6:15 p.m.3 views

UBUNTU-CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS5.8AI score0.00113EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/11/26 5:33 p.m.6 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS8AI score0.00113EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 5:33 p.m.6 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS7AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/26 5:33 p.m.11 views

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

7CVSS0.00113EPSS
Exploits0References1
Rows per page
Query Builder