Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edk ii vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-38575
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
4.6
CVSSv2
CVE-2021-28216
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
Tianocore Edk Ii -
1 Github repository
4.6
CVSSv2
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Tianocore Edk Ii -
4.6
CVSSv2
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II.
Tianocore Edk2
4.6
CVSSv2
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Tianocore Edk2 202008
4.6
CVSSv2
CVE-2019-14563
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2019-14575
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Tianocore Edk2 -
Debian Debian Linux 9.0
3.3
CVSSv2
CVE-2019-14587
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
5.2
CVSSv2
CVE-2019-14586
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
Tianocore Edk2 -
Debian Debian Linux 9.0
4
CVSSv2
CVE-2019-14553
Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.
Tianocore Edk2 -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »