EUVD-2014-8112

Malware in sbrugna...

EUVD-2019-5745

Malware in sbrugna...

ROS-20250930-06

Tianocore EDK2 library vulnerability is related to insecure IDT register handling during SMM login. Exploitation of the vulnerability allows an attacker to escalate privileges in the system...

ROS-20241017-06

A vulnerability in the PeCoffLoaderRelocateImage function of the Tianocore EDK2 library is related to the invocation of memory corruption memory due to overflow through a contiguous network. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to...

ROS-20240625-06

Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data. Unauthorized access to confidential data...

The vulnerability of the tcg2measuregpttable() function in the Tianocore EDK2 library, caused by buffer overflows, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tcg2measuregpttable function in the Tianocore EDK2 library is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Ip6IsOptionValid() function in the Tianocore edk2 library, which allows a attacker to compromise the accessibility of protected information or cause service failures.

The vulnerability of the Ip6IsOptionValid function in the Tianocore edk2 library is related to the execution of a loop with an unreachable exit condition when processing the PadN parameter. Exploiting this vulnerability could allow a remote attacker to compromise the accessibility of protected...

The vulnerability of the IPv6 Options Header Handler component in the Tianocore EDK2 library, which allows a hacker to cause a service failure.

The vulnerability of the IPv6 Options Header Handler component in the Tianocore EDK2 library is related to buffer overflow. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the DHCPv6 Advertise Message Handler component in the Tianocore EDK2 library, which allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the DHCPv6 Advertise Message Handler component in the Tianocore EDK2 library is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the Dhcp6SendRequestMsg function in the Tianocore edk2 library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Dhcp6SendRequestMsg function in the Tianocore edk2 library is related to buffer overflow. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

PT-2024-1144

Name of the Vulnerable Software and Affected Versions: EDK2 affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the Dhcp6SendRequestMsg function of the Tianocore edk2 library, specifically in the NetworkPkg/Dhcp6Dxe/Dhcp6Io.c file. This...

SUSE CVE-2019-14584

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...

Tianocore Edk2 缓冲区错误漏洞

Tianocore Edk2 is a cross-platform firmware development environment from the Tianocore community that follows the UEFI and PI specifications.A buffer overflow vulnerability exists in Tianocore Edk2, which stems from an existing CommBuffer check in SmmEntryPoint that does not catch underflow when...

The vulnerability of the IScsiHexToBin function in the Tianocore edk2 library allows a hacker to disclose protected information, compromise data integrity, or cause service failures.

The vulnerability of the IScsiHexToBin function in the Tianocore edk2 library is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information, compromise data integrity, or cause service...

Tianocore Edk2 缓冲区错误漏洞

Tianocore Edk2 is a cross-platform firmware development environment from the Tianocore community that follows the UEFI and PI specifications. A buffer error vulnerability exists in TianoCore edk2 that stems from a boundary error in the IScsiHexToBin function in NetworkPkg/IScsiDxe. A remote...

Tianocore Edk2 安全漏洞

Tianocore Edk2 is a cross-platform firmware development environment from the Tianocore community that follows the UEFI and PI specifications. A security vulnerability exists in Tianocore Edk2 that allows an attacker to access sensitive data...

PT-2021-8089 · Intel +2 · Tianocore Edk2 +2

Name of the Vulnerable Software and Affected Versions: Tianocore edk2 affected versions not specified Description: The issue concerns a BIOS bug and a library vulnerability. The BIOS bug affects the Platform authorization value, leaving it empty, which can lead to the permanent bricking of the TP...

CVE-2019-14584

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...

AZL-41086 CVE-2019-14584 affecting package shim-unsigned-x64 for versions less than 15.8-3

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2019-14584

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access...