
EDK2 — Vulnerabilities & Security Advisories 22

All 22 CVE vulnerabilities found in EDK2, with AI-generated Chinese analysis, references, and POCs.

Vendor: Tianocore

| CVE ID | Title | CWE | CVSS | Severity | Date |
|---|---|---|---|---|---|
| CVE-2025-2296 | Un-verified kernel bypass Secure Boot mechanism in direct boot mode | CWE-20 | 7.8 (AI) | High (AI) | 2025-12-09 |
| CVE-2024-38798 | Uncleared password keystrokes in circular queue can lead to information disclosure or escalation of privilege | CWE-200 | 7.8 (AI) | High (AI) | 2025-12-09 |
| CVE-2025-2486 | UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu | CWE-489 | 6.0 (AI) | Medium (AI) | 2025-11-26 |
| CVE-2024-38805 | iSCSI Remote Memory Corruption and Denial of Service | CWE-190 | 6.3 | Medium | 2025-08-12 |
| CVE-2025-3770 | SMM IDT Privilege Escalation Vulnerability | CWE-693 | 7.0 | High | 2025-08-07 |
| CVE-2024-38797 | Out-of-bounds Read in HashPeImageByType() | CWE-125 | 4.6 | Medium | 2025-04-07 |
| CVE-2025-2295 | Potential iSCSI R2T PDU Vulnerability | CWE-190 | 3.5 | Low | 2025-03-14 |
| CVE-2024-38796 | Integer overflow in PeCoffLoaderRelocateImage | CWE-122 | 5.9 | Medium | 2024-09-27 |
| CVE-2024-1298 | Integer Overflow caused by divide by zero during S3 suspension | CWE-369 | 6.0 | Medium | 2024-05-30 |
| CVE-2023-45234 | Buffer Overflow in EDK II Network Package | CWE-119 | 8.3 | High | 2024-01-16 |
| CVE-2023-45233 | Infinite loop in EDK II Network Package | CWE-835 | 7.5 | High | 2024-01-16 |
| CVE-2023-45232 | Infinite loop in EDK II Network Package | CWE-835 | 7.5 | High | 2024-01-16 |
| CVE-2023-45235 | Buffer Overflow in EDK II Network Package | CWE-119 | 8.3 | High | 2024-01-16 |
| CVE-2023-45237 | Use of a Weak PseudoRandom Number Generator in EDK II Network Package | CWE-338 | 5.3 | Medium | 2024-01-16 |
| CVE-2023-45236 | Predictable TCP ISNs in EDK II Network Package | CWE-200 | 5.8 | Medium | 2024-01-16 |
| CVE-2023-45231 | Out-of-Bounds Read in EDK II Network Package | CWE-125 | 6.5 | Medium | 2024-01-16 |
| CVE-2023-45230 | Buffer Overflow in EDK II Network Package | CWE-119 | 8.3 | High | 2024-01-16 |
| CVE-2023-45229 | Out-of-Bounds Read in EDK II Network Package | CWE-125 | 6.5 | Medium | 2024-01-16 |
| CVE-2022-36765 | Integer Overflow in CreateHob | CWE-680 | 7.0 | High | 2024-01-09 |
| CVE-2022-36764 | Heap Buffer Overflow in Tcg2MeasurePeImage | CWE-122 | 7.0 | High | 2024-01-09 |
| CVE-2022-36763 | Heap Buffer Overflow in Tcg2MeasureGptTable | CWE-122 | 7.0 | High | 2024-01-09 |
| CVE-2014-8271 | Tianocore EDK2 Buffer Error Vulnerability | | 6.8 | - | 2020-02-06 |

All 22 known CVE vulnerabilities affecting EDK2 with full Chinese analysis, references, and POCs where available.