Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tianocore edk2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-14559
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
Tianocore Edk2 -
4.6
CVSSv2
CVE-2021-28216
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
Tianocore Edk Ii -
1 Github repository
4.6
CVSSv2
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Tianocore Edk Ii -
4.6
CVSSv2
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II.
Tianocore Edk2
4.6
CVSSv2
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Tianocore Edk2 202008
4.6
CVSSv2
CVE-2019-14584
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2
4.6
CVSSv2
CVE-2019-14563
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2019-14575
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2014-8271
Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate malicious users to gain privileges via a long variable name.
Tianocore Edk2
4.6
CVSSv2
CVE-2017-5731
Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.
Tianocore Edk2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »