Lucene search
+L

5 matches found

OSV
OSV
added 2024/08/23 11:8 a.m.1 views

OESA-2024-2023 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful...

7.8CVSS7.1AI score0.00288EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/04/30 9:52 a.m.3 views

EDK2: heap buffer overflow in Tcg2MeasureGptTable()

A heap buffer overflow flaw was found via the Tcg2MeasureGptTable function in EDK2, arising from inadequate validation of the GPT Primary Header, presenting a minor risk to confidentiality and integrity. The primary consequence is likely a crash or denial of service. This issue may allow a local...

7.8CVSS6.2AI score0.00288EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/25 12:0 a.m.44 views

Oracle Linux 8 : edk2 (ELSA-2024-12343)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12343 advisory. - Create new 20240227 release for OL8 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232...

10CVSS7.3AI score0.92488EPSS
Exploits10References11
SUSE CVE
SUSE CVE
added 2024/01/11 2:46 a.m.2 views

SUSE CVE-2022-36763

EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...

7CVSS6.7AI score0.00288EPSS
Exploits0References3
OSV
OSV
added 2024/01/09 4:15 p.m.7 views

AZL-39247 CVE-2022-36763 affecting package edk2 for versions less than 20230301gitf80f052277c8-40

EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...

7.8CVSS7AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder