Lucene search
K

986 matches found

Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.39 views

Oracle Linux 8 : edk2 (ELSA-2019-0968)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0968 advisory. 20180508gitee3198e672e2-9.el80 - edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1690501 -...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References2
Veracode
Veracode
added 2019/08/08 12:7 a.m.22 views

Denial Of Service (DoS)

edk2 is vulnerable to denial of service DoS. It is due to stack overflow in XHCI causing denial of service...

5.5CVSS3.1AI score0.00395EPSS
Exploits0References10Affected Software5
Veracode
Veracode
added 2019/08/08 12:7 a.m.22 views

Denial Of Service (DoS)

edk2 is vulnerable to denial of service DoS. The attack can be triggered when an attacker provide a corrupted BMP file causing a buffer overflow...

6CVSS4.2AI score0.00425EPSS
Exploits0References11Affected Software1
Veracode
Veracode
added 2019/08/08 12:7 a.m.33 views

Privilege Escalation

edk2 is vulnerable to privilege escalation. The attack is due to a logic error in MdeModulePkg in EDK II firmware, allowing an authenticated users to trigger the attack...

7.8CVSS5.7AI score0.00441EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2019/08/06 12:11 p.m.39 views

Moderate: Red Hat Security Advisory: ovmf security and enhancement update

An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.3AI score0.03418EPSS
Exploits4References12
Oracle linux
Oracle linux
added 2019/07/30 12:0 a.m.37 views

edk2 security update

20180508gitee3198e672e2-9.el80 - edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1690501 - edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch bz1690501 - Resolves: bz1690501 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk rhel-8.0.0.z...

8.8CVSS3.4AI score0.02255EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/06/19 12:0 a.m.28 views

Security fix for the ALT Linux 10 package edk2 version 20190501-alt1

June 19, 2019 Alexey Shabalin 20190501-alt1 - edk2-stable201905 Fixes: CVE-2018-12182...

4.6CVSS8.2AI score0.00412EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/06/06 12:0 a.m.156 views

edk2 security update

1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel module. Aaron Young - Update spec file to modprobe kvmintel module prior to running qemu to enroll default keys. Aaron Young - Enroll Oracle cert/key...

9.1CVSS1.6AI score0.93838EPSS
Exploits12
RedHat Linux
RedHat Linux
added 2019/05/08 1:44 p.m.99 views

Important: Red Hat Security Advisory: redhat-virtualization-host security update

An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.3AI score0.02255EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/05/07 4:21 a.m.46 views

Important: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS7.3AI score0.02255EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/05/07 4:21 a.m.5 views

edk2: Buffer Overflow in BlockIo service for RAM disk

A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from...

8.8CVSS7.3AI score0.02255EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/05/07 12:0 a.m.37 views

RHEL 8 : edk2 (RHSA-2019:0968)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0968 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.80 views

Fedora Update for edk2 FEDORA-2019-bff1cbaba3

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.7AI score0.02271EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.31 views

Fedora 30 : edk2 (2019-3b96bb5186)

The remote Fedora 30 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2019-3b96bb5186 advisory. Use YYYYMMDD versioning to fix upgrade path ---- Update to stable-201903 Update to openssl-1.1.0j Move to python3 deps Tenable has extracted the...

9.1CVSS7AI score0.02271EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/04/24 12:0 a.m.38 views

RHEL 7 : ovmf (RHSA-2019:0809)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0809 advisory. OVMF Open Virtual Machine Firmware is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for...

8.8CVSS8.1AI score0.02255EPSS
Exploits0References4
Fedora
Fedora
added 2019/04/03 3:31 a.m.40 views

[SECURITY] Fedora 29 Update: edk2-20190308stable-1.fc29

EDK II is a development code base for creating UEFI drivers, applications and firmware images...

9.1CVSS2.9AI score0.02271EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/04/02 12:0 a.m.38 views

Security fix for the ALT Linux 10 package edk2 version 20190308-alt1

April 2, 2019 Alexey Shabalin 20190308-alt1 - edk2-stable201903 Fixes: CVE-2018-12178, CVE-2018-12180, CVE-2018-12181, CVE-2018-3630...

6.8CVSS7.8AI score0.02271EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/03/08 10:19 a.m.30 views

CVE-2018-12181

A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 162^4 or 2562^8 colors...

6CVSS3.4AI score0.00425EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/02/26 5:50 p.m.33 views

CVE-2018-12180

A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from...

8.8CVSS2.3AI score0.02255EPSS
Exploits0References2
Lenovo
Lenovo
added 2016/07/22 12:0 a.m.110 views

UEFI EDK2 Capsule Update Vulnerabilities

Lenovo Security Advisory: LEN-2014-001 Potential Impact: Execution of arbitrary code Severity: Medium Summary: The EDK2 UEFI reference implementation contains multiple vulnerabilities in the Capsule Update mechanism. Description: The open source EDK2 project provides a reference implementation of...

3.7CVSS7.4AI score0.00587EPSS
Exploits0
Rows per page
Query Builder