10 matches found
EUVD-2019-0967
Malware in sbrugna...
Predictable TCP ISNs in EDK II Network Package
...
AZL-39220 CVE-2023-45237 affecting package edk2 for versions less than 20230301gitf80f052277c8-40
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
CVE-2023-45233 Infinite loop in EDK II Network Package
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...
CVE-2023-45232 Infinite loop in EDK II Network Package
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...
CVE-2023-45235 Buffer Overflow in EDK II Network Package
EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or...
CVE-2023-45237 Use of a Weak PseudoRandom Number Generator in EDK II Network Package
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
CVE-2023-45236 Predictable TCP ISNs in EDK II Network Package
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
CVE-2023-45231 Out-of-Bounds Read in EDK II Network Package
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...