Vulnerabilities > Tianocore > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-28 | CVE-2017-5731 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tianocore Edk2 Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2019-03-27 | CVE-2018-3613 | Unspecified vulnerability in Tianocore EDK II Udk2015/Udk2017/Udk2018 Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | 7.8 |
| 2019-03-27 | CVE-2018-12180 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. | 8.8 |
| 2019-03-27 | CVE-2018-12179 | Unspecified vulnerability in Tianocore EDK II Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | 7.8 |