Lucene search
+L

320 matches found

Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.32 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Multiple Vulnerabilities (NS-SA-2021-0180)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ovmf packages installed that are affected by multiple vulnerabilities: - Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi...

9.8CVSS7.2AI score0.03418EPSS
Exploits4References13
OpenVAS
OpenVAS
added 2021/09/24 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-5088-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.8AI score0.50732EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/09/23 11:39 a.m.131 views

USN-5088-1: EDK II vulnerabilities

It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2019-11098 Paul Kehrer discovered that OpenSSL use...

8.1CVSS7.3AI score0.50732EPSS
Exploits1
OSV
OSV
added 2021/09/23 11:39 a.m.23 views

USN-5088-1 edk2 vulnerabilities

It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2019-11098 Paul Kehrer discovered that OpenSSL use...

8.1CVSS7AI score0.50732EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/07/14 12:0 a.m.8 views

EDKII MdeModulePkg 输入验证错误漏洞

EDKII is an open source project that provides a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications developed and maintained by the UEFI Forum. A security vulnerability exists in EDKII MdeModulePkg that stems from insufficient input validation ...

6.8CVSS6.5AI score0.00345EPSS
Exploits0References5
OSV
OSV
added 2021/06/29 1:59 p.m.33 views

RLSA-2021:2591 Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 For more details about the security issues,...

6.7CVSS7.1AI score0.00386EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.38 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2021:2161-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2161-1 advisory. - Fixed a possible buffer overflow in IScsiDxe bsc1186151 - CVE-2021-28211: ovmf: edk2: possible heap corruption with...

7.8CVSS6.9AI score0.00399EPSS
Exploits2References8
NVD
NVD
added 2021/06/11 4:15 p.m.21 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8CVSS0.00399EPSS
Exploits1References1
NVD
NVD
added 2021/06/11 4:15 p.m.17 views

CVE-2021-28211

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

6.7CVSS0.00386EPSS
Exploits1References1
OSV
OSV
added 2021/06/11 4:15 p.m.1 views

DEBIAN-CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8CVSS6.1AI score0.00399EPSS
Exploits1References1
OSV
OSV
added 2021/06/11 4:15 p.m.24 views

CVE-2021-28211

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

6.7CVSS7AI score
Exploits0References1
OSV
OSV
added 2021/06/11 4:15 p.m.24 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8CVSS6.6AI score
Exploits0References1
Prion
Prion
added 2021/06/11 4:15 p.m.24 views

Heap overflow

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

4.6CVSS6.7AI score0.00386EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/06/11 4:15 p.m.21 views

Design/Logic Flaw

An unlimited recursion in DxeCore in EDK II...

4.6CVSS7.5AI score0.00399EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/06/11 3:11 p.m.226 views

CVE-2021-28211

CVE-2021-28211 is a heap overflow in the EDK II component function LzmaUefiDecompressGetInfo. The issue has been observed in multiple distributions via security advisories (e.g., ALAS2-2024-2722, ALINUX3-SA-2022:0214, etc.), affecting the edk2 package. Impact discussed in advisories centers on po...

6.7CVSS6.9AI score0.00386EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2021/06/11 3:11 p.m.37 views

CVE-2021-28211

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

6.7CVSS7.4AI score0.00386EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2021/06/11 3:11 p.m.75 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8CVSS7.7AI score0.00399EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2021/06/11 3:11 p.m.78 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8CVSS7.5AI score0.00399EPSS
Exploits1
Cvelist
Cvelist
added 2021/06/11 3:11 p.m.43 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.9AI score0.00399EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/06/11 3:11 p.m.25 views

CVE-2021-28211

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

7.3AI score0.00386EPSS
Exploits1References1
Rows per page
Query Builder