Tianocore: Security Vulnerabilities
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
CVSS Score
6.8
EPSS Score
0.001
Published
2019-03-27
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-03-27
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
CVSS Score
8.7
EPSS Score
0.003
Published
2019-03-27
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-03-27
Page 5