RSS   Podatności dla 'Edk ii'   RSS

2021-07-14
 
CVE-2019-11098

CWE-20
 
 
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

 
2019-03-27
 
CVE-2019-0161

CWE-119
 
 
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.

 
 
CVE-2019-0160

CWE-119
 
 
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.

 
 
CVE-2018-3613

CWE-noinfo
 
 
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

 
 
CVE-2018-12183

CWE-787
 
 
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

 
 
CVE-2018-12182

CWE-441
 
 
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

 
 
CVE-2018-12181

CWE-119
 
 
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.

 
 
CVE-2018-12180

CWE-787
 
 
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

 
 
CVE-2018-12179

CWE-16
 
 
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

 
 
CVE-2018-12178

CWE-119
 
 
Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.

 

Copyright 2024, cxsecurity.com

 

Back to Top