Edk2@- Security Vulnerabilities and Issues — Edk2@- CVE List

Lucene search

TianocoreEdk2-

5 matches found

CVE•added 2020/11/23 4:15 p.m.•208 views

CVE-2019-14559

Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.

7.5CVSS7.2AI score0.00688EPSS

CVE•added 2020/11/23 5:15 p.m.•155 views

CVE-2019-14563

Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8CVSS7.6AI score0.00054EPSS

CVE•added 2020/11/23 5:15 p.m.•150 views

CVE-2019-14575

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8CVSS7.6AI score0.00061EPSS

CVE•added 2020/01/31 4:15 p.m.•82 views

CVE-2014-4859

Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data.

7.2CVSS6.6AI score0.00039EPSS

CVE•added 2020/01/31 4:15 p.m.•57 views

CVE-2014-4860

Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.

7.2CVSS6.3AI score0.00037EPSS