VYPR

EDK II

by EDK II

CVEs (10)

  • CVE-2019-14586HigNov 23, 2020
    risk 0.52cvss 8.0epss 0.01

    Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.

  • CVE-2019-14575HigNov 23, 2020
    risk 0.51cvss 7.8epss 0.00

    Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2019-14563HigNov 23, 2020
    risk 0.51cvss 7.8epss 0.00

    Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2018-3613HigMar 27, 2019
    risk 0.51cvss 7.8epss 0.00

    Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

  • CVE-2019-14559HigNov 23, 2020
    risk 0.49cvss 7.5epss 0.01

    Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.

  • CVE-2021-28211MedJun 11, 2021
    risk 0.44cvss 6.7epss 0.00

    A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.

  • CVE-2019-14587MedNov 23, 2020
    risk 0.42cvss 6.5epss 0.01

    Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.

  • CVE-2019-14562MedNov 23, 2020
    risk 0.36cvss 5.5epss 0.00

    Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2019-0161MedMar 27, 2019
    risk 0.36cvss 5.5epss 0.00

    Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.

  • CVE-2019-14553MedNov 23, 2020
    risk 0.32cvss 4.9epss 0.01

    Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.