Every CVE whose affected-product data names Tianocore Edk2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (33)
CVE-2025-2486 — CVSS 8.8 (high): The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing…
CVE-2023-45234 — CVSS 8.3 (high): EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise…
CVE-2023-45230 — CVSS 8.3 (high): EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability…
CVE-2023-45235 — CVSS 8.3 (high): EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise…
CVE-2019-14586 — CVSS 8.0 (high): Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information…
CVE-2017-5731 — CVSS 7.8 (high): Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege…
CVE-2019-14563 — CVSS 7.8 (high): Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-14575 — CVSS 7.8 (high): Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via…
CVE-2019-14584 — CVSS 7.8 (high): Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-38576 — CVSS 7.5 (high): A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the…
CVE-2019-14559 — CVSS 7.5 (high): Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
CVE-2023-45232 — CVSS 7.5 (high): EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of…
CVE-2023-45233 — CVSS 7.5 (high): EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of…
CVE-2021-38578 — CVSS 7.4 (high): Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
CVE-2022-36763 — CVSS 7.0 (high): EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local…
CVE-2022-36764 — CVSS 7.0 (high): EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local…
CVE-2022-36765 — CVSS 7.0 (high): EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a…
CVE-2014-4860 — CVSS 6.8 (medium): Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2…
CVE-2014-8271 — CVSS 6.8 (medium): Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a…
CVE-2014-4859 — CVSS 6.8 (medium): Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows…
CVE-2023-49721 — CVSS 6.7 (medium): An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.
CVE-2023-48733 — CVSS 6.7 (medium): An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure…
CVE-2023-45231 — CVSS 6.5 (medium): EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This…
CVE-2023-45229 — CVSS 6.5 (medium): EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6…
CVE-2019-14587 — CVSS 6.5 (medium): Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-45236 — CVSS 5.8 (medium): EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to…
CVE-2019-14562 — CVSS 5.5 (medium): Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local…
CVE-2023-45237 — CVSS 5.3 (medium): EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to…
CVE-2019-14553 — CVSS 4.9 (medium): Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.