EUVD-2019-5745

Malware in sbrugna...

EUVD-2014-8112

Malware in sbrugna...

ROS-20250930-06

Tianocore EDK2 library vulnerability is related to insecure IDT register handling during SMM login. Exploitation of the vulnerability allows an attacker to escalate privileges in the system...

TianoCore EDK II BIOS Vulnerability - Lenovo Support US

No description provided...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from an out-of-bounds read in the HashPeImageByType function, which could lead to a loss of integrity and...

EDK2 输入验证错误漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from an integer overflow or wrap-around error that could result in a denial of service...

编号撤回

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. This CVE number has been withdrawn...

CVE-2019-14584

...

ROS-20241017-06

A vulnerability in the PeCoffLoaderRelocateImage function of the Tianocore EDK2 library is related to the invocation of memory corruption memory due to overflow through a contiguous network. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that originates in the PeCoffLoaderRelocateImage function, where an attacker may be able to cause memory corruption via a...

The vulnerability of the Tianocore edk2 library, related to errors in resource release, allows a hacker to cause a service failure.

The vulnerability of the Tianocore edk2 library is related to errors during resource release. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

ROS-20240625-06

Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data. Unauthorized access to confidential data...

EDK2 Security Vulnerability

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2, which stems from the fact that S3 is activated during sleep, and can be exploited by an attacker to cause a loss of...

CVE-2024-26678

CVE-2024-26678 affects the Linux kernel’s x86/efistub pathway. The vulnerability arises from using a 1:1 file:memory mapping for the PE/COFF .compat section, which is an 8-byte dummy section containing the 32-bit entrypoint address of a 64-bit kernel image when booted from 32-bit firmware (CONFIG...

CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

The vulnerability of the tcg2measuregpttable() function in the Tianocore EDK2 library, caused by buffer overflows, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tcg2measuregpttable function in the Tianocore EDK2 library is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the createhob() function in the Tianocore EDK2 library, caused by buffer overflows, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the createhob function in the Tianocore EDK2 library arises due to buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the tcg2measurepeimage() function in the Tianocore EDK2 library, caused by buffer overflows, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tcg2measurepeimage function in the Tianocore EDK2 library is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the NetRandomInitSeed() function in the Tianocore edk2 library, which allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the NetRandomInitSeed function in the Tianocore edk2 library is related to errors in the code of the pseudo-random number generator when processing the Seed parameter. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or...

The vulnerability of the Ip6IsOptionValid() function in the Tianocore edk2 library, which allows a attacker to compromise the accessibility of protected information or cause service failures.

The vulnerability of the Ip6IsOptionValid function in the Tianocore edk2 library is related to the execution of a loop with an unreachable exit condition when processing the PadN parameter. Exploiting this vulnerability could allow a remote attacker to compromise the accessibility of protected...