Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tianocore edk2 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2014-4859
Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate malicious users to bypass intended access restrictions via crafted data.
Tianocore Edk2 -
6.8
CVSSv3
CVE-2018-12183
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
Tianocore Edk Ii -
6.7
CVSSv3
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Tianocore Edk2 202008
6.7
CVSSv3
CVE-2018-12182
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
Tianocore Edk Ii -
6.5
CVSSv3
CVE-2023-45229
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an malicious user to gain unauthorized access and potentially lead to a loss of Confid...
Tianocore Edk2
6.5
CVSSv3
CVE-2023-45231
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an malicious user to gain unauthorized access and potentially lead to a loss of Confidentiality.
Tianocore Edk2
6.5
CVSSv3
CVE-2019-14587
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
6
CVSSv3
CVE-2018-12181
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
Tianocore Edk Ii -
5.5
CVSSv3
CVE-2019-14562
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
4.9
CVSSv3
CVE-2019-14553
Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.
Tianocore Edk2 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4