12 matches found
Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
Overview Multiple vulnerabilities were discovered in the TCP/IP stack NetworkPkg of Tianocore EDKII, an open source implementation of Unified Extensible Firmware Interface UEFI. Researchers at Quarkslab have identified a total of 9 vulnerabilities that if exploited via network can lead to remote...
SUSE CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access...
SUSE SLES15 Security Update : ovmf (SUSE-SU-2023:0036-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0036-1 advisory. - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege,...
OESA-2022-1988 edk2 security update
Security Fixes: Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.CVE-2019-11098...
EulerOS Virtualization 2.10.1 : edk2 (EulerOS-SA-2022-1390)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of...
EulerOS Virtualization 2.10.0 : edk2 (EulerOS-SA-2022-1416)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of...
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access...
UBUNTU-CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access...
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access...
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access...
CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access...
CVE-2019-11098
The CVE-2019-11098 entry relates to the EDK II MdeModulePkg, where insufficient input validation could allow an unauthenticated user to escalate privileges, cause a denial of service, or disclose information via physical access. Affected products/contexts in connected documents include edk2 packa...