Lucene search
K

1077 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.18 views

MiracleLinux 8 : kernel-4.18.0-553.16.1.el8_10 (AXSA:2024-8704:25)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8704:25 advisory. kernel: powerpc: Fix access beyond end of drmem array CVE-2023-52451 kernel: efivarfs: force RO when remounting if SetVariable is not supported...

9.8CVSS6.3AI score0.08555EPSS
Exploits3References158
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.6 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...

7.8CVSS7.2AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.6 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...

7.8CVSS7.2AI score0.00151EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001740 advisory. An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Tenable has...

4.7CVSS6.6AI score0.00199EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001730)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001730 advisory. In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation o...

7.8CVSS6.8AI score0.00189EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.10 views

MiracleLinux 4 : kernel-2.6.32-220.4.1.el6 (AXSA:2012-228:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-228:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

9.1CVSS7.5AI score0.10904EPSS
Exploits23References19
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.9 views

CVE-2023-25600

An issue was discovered in InsydeH2O. A malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial of service. This is fixed in version 01.01.04.0016...

7.1CVSS6.7AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.9 views

CVE-2021-33627

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOC...

8.2CVSS7.1AI score0.00327EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:15 a.m.10 views

CVE-2021-0113

Out of bounds write in the BMC firmware for IntelR Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access...

6.5CVSS7.1AI score0.00398EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.10 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992796 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993047 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere...

7.8CVSS6.3AI score0.00153EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 4:20 p.m.4 views

SUSE-RU-2026:20004-1 Recommended update for shim

This update for shim fixes the following issues: This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory -...

6.7CVSS5.8AI score0.00378EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992325 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokva...

5.5CVSS6.3AI score0.00189EPSS
Exploits0References4
OSV
OSV
added 2025/12/15 8:51 p.m.12 views

USN-7934-1 linux-azure, linux-azure-6.14 vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux...

9.8CVSS6.6AI score0.08942EPSS
Exploits4References206
BDU FSTEC
BDU FSTEC
added 2025/12/15 12:0 a.m.4 views

Vulnerability of EFI components of the Linux operating system’s kernel, allowing a hacker to trigger a service failure

The vulnerability of EFI components in the Linux operating system is related to the allocation of unlimited memory. Exploiting this vulnerability allows a perpetrator to cause service failures...

5.5CVSS7AI score0.00142EPSS
Exploits0References9Affected Software3
RedhatCVE
RedhatCVE
added 2025/12/10 8:34 a.m.5 views

CVE-2025-2296

A flaw was found in EDK2 EFI Development Kit 2. This vulnerability allows an attacker to cause arbitrary command execution and impact Confidentiality, Integrity, and Availability via improper input validation by local access. Mitigation To reduce the risk by disabling direct-boot mode, ensuring a...

8.4CVSS6.7AI score0.00669EPSS
Exploits0References4
OSV
OSV
added 2025/12/04 11:3 a.m.19 views

USN-7909-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...

7.8CVSS6.5AI score0.0037EPSS
Exploits3References179
EUVD
EUVD
added 2025/11/11 6:30 p.m.5 views

EUVD-2025-93472

Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

7.1CVSS6.3AI score0.00113EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/11/11 9:13 a.m.5 views

kernel: efi: Do not import certificates from UEFI Secure Boot for T2 Macs

In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occurs in Apple firmwa...

5.5CVSS6.8AI score0.00158EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989550 advisory. In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmigetvariable We can get EFI variables without fetching the attribute, ...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References4
Rows per page
Query Builder