Lucene search
K

12 matches found

OSV
OSV
added 2026/04/16 1:34 p.m.6 views

SUSE-SU-2026:1413-1 Security update for ovmf

This update for ovmf fixes the following issue: - CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting bsc1252441...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.6 views

CVE-2025-48514

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...

4CVSS5.5AI score0.00135EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.6 views

CVE-2025-0031

A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLESOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity...

4.6CVSS5.5AI score0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 8:16 p.m.6 views

CVE-2025-48517

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...

4.6CVSS0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:15 p.m.33 views

CVE-2025-29946

Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory...

4.5CVSS0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7447

Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory...

4.5CVSS5.5AI score0.0014EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/02/13 10:12 a.m.0 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffe...

8.3CVSS7.3AI score0.02084EPSS
Exploits1References40
SUSE Linux
SUSE Linux
added 2025/02/11 10:28 a.m.0 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...

8.3CVSS7.4AI score0.02084EPSS
Exploits1References36
SUSE Linux
SUSE Linux
added 2024/11/28 7:57 a.m.3 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount bsc1225889. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

6CVSS6.9AI score0.00217EPSS
Exploits0References4
OSV
OSV
added 2024/02/13 8:15 p.m.1 views

UBUNTU-CVE-2023-31347

Due to a code bug in SecureTSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity...

4.9CVSS5.8AI score0.0046EPSS
Exploits0References3
OSV
OSV
added 2023/01/11 8:15 a.m.3 views

CVE-2021-26404

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...

5.5CVSS6AI score
Exploits0References1
CNNVD
CNNVD
added 2021/03/30 12:0 a.m.6 views

SUSE ovmf 安全漏洞

SUSE ovmf is a firmware from SUSE Germany. It is used to support virtual machines for UEFI. A security vulnerability exists in SUSE ovmf that stems from unrestricted FV recursion...

7.8CVSS6.3AI score0.00399EPSS
Exploits1References11
Rows per page
Query Builder