Vulnerabilities > Tianocore > Edk2 > 202102
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2022-36764 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tianocore Edk2 EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. | 7.8 |
| 2024-01-09 | CVE-2022-36765 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tianocore Edk2 EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. | 7.8 |
| 2022-03-03 | CVE-2021-38578 | Out-of-bounds Write vulnerability in multiple products Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. | 9.8 |
| 2022-01-03 | CVE-2021-38576 | Unspecified vulnerability in Tianocore Edk2 A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. | 7.8 |
| 2021-12-01 | CVE-2021-38575 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. | 8.1 |