Vulnerabilidades em Tianocore
27 resultadosCVE-2023-45232HIGHInfinite loop in EDK II Network PackageEPSS 2.1%CVE-2023-45233HIGHInfinite loop in EDK II Network PackageEPSS 2.1%CVE-2021-38575—NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.EPSS 1.9%CVE-2023-45235HIGHBuffer Overflow in EDK II Network PackageEPSS 1.2%CVE-2023-45230HIGHBuffer Overflow in EDK II Network PackageEPSS 1.2%CVE-2023-45234HIGHBuffer Overflow in EDK II Network PackageEPSS 1.2%CVE-2021-28213—Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks.EPSS 1.1%CVE-2023-45237MEDIUMUse of a Weak PseudoRandom Number Generator in EDK II Network PackageEPSS 1.0%CVE-2023-45236MEDIUMPredictable TCP ISNs in EDK II Network PackageEPSS 1.0%CVE-2021-38578HIGHExisting CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.EPSS 1.0%CVE-2023-45229MEDIUMOut-of-Bounds Read in EDK II Network PackageEPSS 0.9%CVE-2023-45231MEDIUMOut-of-Bounds Read in EDK II Network PackageEPSS 0.9%CVE-2025-2296HIGHUn-verified kernel bypass Secure Boot mechanism in direct boot modeEPSS 0.7%CVE-2021-28216—BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.EPSS 0.4%CVE-2014-8271—Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a loEPSS 0.4%CVE-2021-28210—An unlimited recursion in DxeCore in EDK II.EPSS 0.4%CVE-2021-28211—A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.EPSS 0.4%CVE-2024-38796MEDIUMInteger overflow in PeCoffLoaderRelocateImageEPSS 0.4%CVE-2022-36763HIGHHeap Buffer Overflow in Tcg2MeasureGptTableEPSS 0.3%CVE-2022-36764HIGHHeap Buffer Overflow in Tcg2MeasurePeImageEPSS 0.3%