Filtered by vendor Tianocore
Subscribe
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28210 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An unlimited recursion in DxeCore in EDK II. | |||||
| CVE-2019-14587 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2019-14586 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
| Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access. | |||||
| CVE-2019-14584 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-14575 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-14563 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-14562 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-14559 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access. | |||||
| CVE-2019-14553 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access. | |||||
| CVE-2019-11098 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. | |||||
| CVE-2019-0161 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-0160 | 4 Fedoraproject, Opensuse, Redhat and 1 more | 8 Fedora, Leap, Enterprise Linux and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. | |||||
| CVE-2018-3613 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2018-12183 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2018-12182 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2018-12181 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
| Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access. | |||||
| CVE-2018-12180 | 2 Opensuse, Tianocore | 2 Leap, Edk Ii | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. | |||||
| CVE-2018-12179 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2018-12178 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network. | |||||
| CVE-2017-5731 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||