TianoCore EDK II

CPE Details

TianoCore EDK II
-
2021-07-19
11h27 +00:00
2021-09-23
17h27 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*

Informations

Vendor

tianocore

Product

edk_ii

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-28216 2021-08-05 18h44 +00:00 BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
7.8
Haute
CVE-2019-11098 2021-07-14 11h28 +00:00 Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
6.8
Moyen
CVE-2019-0161 2019-03-27 18h23 +00:00 Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
5.5
Moyen
CVE-2018-12181 2019-03-27 18h23 +00:00 Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
6
Moyen
CVE-2018-12180 2019-03-27 18h22 +00:00 Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
8.8
Haute
CVE-2018-12179 2019-03-27 18h21 +00:00 Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
7.8
Haute
CVE-2019-0160 2019-03-27 18h20 +00:00 Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
9.8
Critique
CVE-2018-12178 2019-03-27 18h19 +00:00 Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.
9.1
Critique
CVE-2018-12182 2019-03-27 18h18 +00:00 Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
6.7
Moyen
CVE-2018-12183 2019-03-27 18h17 +00:00 Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
6.8
Moyen