Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tianocore edk ii - vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-38575
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
7.8
CVSSv3
CVE-2021-28216
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
Tianocore Edk Ii -
1 Github repository
6.8
CVSSv3
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Tianocore Edk Ii -
7.8
CVSSv3
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II.
Tianocore Edk2
6.7
CVSSv3
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Tianocore Edk2 202008
7.8
CVSSv3
CVE-2019-14563
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2019-14575
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
8
CVSSv3
CVE-2019-14586
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2019-14587
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2019-14559
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
Tianocore Edk2 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »