Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edk ii vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-38575
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
4.6
CVSSv2
CVE-2021-28216
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
Tianocore Edk Ii -
1 Github repository
4.6
CVSSv2
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Tianocore Edk Ii -
4.6
CVSSv2
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II.
Tianocore Edk2
4.6
CVSSv2
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Tianocore Edk2 202008
4.6
CVSSv2
CVE-2019-14563
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2019-14575
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
5.2
CVSSv2
CVE-2019-14586
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
3.3
CVSSv2
CVE-2019-14587
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
5
CVSSv2
CVE-2019-14559
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
Tianocore Edk2 -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »