tianocore

Top products

The 15 most recently published vulnerabilities affecting tianocore.

• CVE-2024-38798Uncleared password keystrokes in circular queue can lead to information disclosure or escalation of privilege7.0Dec 9, 2025
• CVE-2025-2486UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu8.8Nov 26, 2025
• CVE-2024-38805iSCSI Remote Memory Corruption and Denial of Service6.3Aug 12, 2025
• CVE-2025-3770SMM IDT Privilege Escalation Vulnerability7.0Aug 7, 2025
• CVE-2024-38797Out-of-bounds Read in HashPeImageByType()4.6Apr 7, 2025
• CVE-2025-2295Potential iSCSI R2T PDU Vulnerability3.5Mar 14, 2025
• CVE-2024-38796Integer overflow in PeCoffLoaderRelocateImage5.9Sep 27, 2024
• CVE-2024-1298Integer Overflow caused by divide by zero during S3 suspension6.0May 30, 2024
• CVE-2023-49721An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.6.7Feb 14, 2024
• CVE-2023-48733An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.6.7Feb 14, 2024
• CVE-2023-45234Buffer Overflow in EDK II Network Package8.3Jan 16, 2024
• CVE-2023-45233Infinite loop in EDK II Network Package7.5Jan 16, 2024
• CVE-2023-45232Infinite loop in EDK II Network Package7.5Jan 16, 2024
• CVE-2023-45235Buffer Overflow in EDK II Network Package8.3Jan 16, 2024
• CVE-2023-45237Use of a Weak PseudoRandom Number Generator in EDK II Network Package5.3Jan 16, 2024