Search Results | AttackerKB

Show filters

Topics 44 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

44 Total Results

Displaying 21-30 of 44

Attacker Value

Unknown

CVE-2021-28210

Disclosure Date: June 11, 2021 (last updated February 22, 2025)

An unlimited recursion in DxeCore in EDK II.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2021-28213

Disclosure Date: June 11, 2021 (last updated November 28, 2024)

Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-28211

Disclosure Date: June 11, 2021 (last updated February 22, 2025)

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.

Attack Vector: Local Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14584

Disclosure Date: June 03, 2021 (last updated February 22, 2025)

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14575

Disclosure Date: November 23, 2020 (last updated November 28, 2024)

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14587

Disclosure Date: November 23, 2020 (last updated November 28, 2024)

Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Attack Vector: Adjacent Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14586

Disclosure Date: November 23, 2020 (last updated February 22, 2025)

Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.

Attack Vector: Adjacent Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14563

Disclosure Date: November 23, 2020 (last updated February 22, 2025)

Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14562

Disclosure Date: November 23, 2020 (last updated February 22, 2025)

Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14553

Disclosure Date: November 23, 2020 (last updated February 22, 2025)

Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.

Attack Vector: Network Privileges: High User Interaction: None

0