Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28216 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. | |||||
| CVE-2019-11098 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 4.6 MEDIUM | 6.8 MEDIUM |
| Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. | |||||
| CVE-2018-3613 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2019-0160 | 4 Fedoraproject, Opensuse, Redhat and 1 more | 8 Fedora, Leap, Enterprise Linux and 5 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. | |||||
| CVE-2018-12182 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2019-0161 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. | |||||
| CVE-2018-12181 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 3.6 LOW | 6.0 MEDIUM |
| Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access. | |||||
| CVE-2018-12179 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||
| CVE-2018-12178 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network. | |||||
| CVE-2018-12180 | 2 Opensuse, Tianocore | 2 Leap, Edk Ii | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. | |||||
| CVE-2018-12183 | 1 Tianocore | 1 Edk Ii | 2023-12-10 | 4.6 MEDIUM | 6.8 MEDIUM |
| Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||||