threat
engine
.sh
Back
·
··:··
Home
/
Product
/
tianocore edk ii
Product
tianocore edk ii
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-28216
all versions
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to
7.8
HIGH
CVE-2019-11098
all versions
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privi
6.8
MEDIUM
CVE-2019-0161
all versions
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
5.5
MEDIUM
CVE-2019-0160
all versions
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or
9.8
CRITICAL
CVE-2018-3613
all versions
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable es
7.8
HIGH
CVE-2018-12183
all versions
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information
6.8
MEDIUM
CVE-2018-12182
all versions
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of priv
6.7
MEDIUM
CVE-2018-12181
all versions
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of pri
6.0
MEDIUM
CVE-2018-12180
all versions
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, inf
8.8
HIGH
CVE-2018-12179
all versions
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege,
7.8
HIGH
CVE-2018-12178
all versions
Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denia
9.1
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin