Vulnerabilities > Tianocore > Edk2 > 201811
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2022-36764 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tianocore Edk2 EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. | 7.8 |
| 2024-01-09 | CVE-2022-36765 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tianocore Edk2 EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. | 7.8 |
| 2022-03-03 | CVE-2021-38578 | Out-of-bounds Write vulnerability in multiple products Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. | 9.8 |
| 2022-01-03 | CVE-2021-38576 | Unspecified vulnerability in Tianocore Edk2 A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. | 7.5 |
| 2021-12-01 | CVE-2021-38575 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. | 8.1 |
| 2021-06-11 | CVE-2021-28210 | Uncontrolled Recursion vulnerability in Tianocore Edk2 An unlimited recursion in DxeCore in EDK II. | 7.8 |
| 2020-02-06 | CVE-2014-8271 | Classic Buffer Overflow vulnerability in Tianocore Edk2 Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name. | 6.8 |