Search for packages
| purl | pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie |
| Next non-vulnerable version | 2020.11-2+deb11u3 |
| Latest non-vulnerable version | 2025.11-5 |
| Risk | 3.8 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-b7a9-w2fs-dbh7
Aliases: CVE-2024-38797 |
edk2: Out-of-bounds Read in EDK2 |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-k7zd-s9nc-r3hb
Aliases: CVE-2025-3770 |
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mg21-k76s-sqfp
Aliases: CVE-2024-13176 |
openssl: Timing side-channel in ECDSA signature computation |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-quq1-8rke-c3gf
Aliases: CVE-2023-45237 |
edk2: Use of a Weak PseudoRandom Number Generator |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-r48c-b4df-ffhx
Aliases: CVE-2025-2295 |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-sd4b-3g4z-mubq
Aliases: CVE-2025-2296 |
edk2: EDK2: Improper Input Validation allows arbitrary command execution |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-z1gk-5f8t-tqau
Aliases: CVE-2023-45236 |
edk2: Predictable TCP Initial Sequence Numbers |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zd64-tjtu-sua3
Aliases: CVE-2024-38798 |
EDK2: EDK2: Information Disclosure and Privilege Escalation via Local BIOS Access |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zwx2-8yhh-7yef
Aliases: CVE-2024-38805 |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-12pz-n6cq-3kg9 | edk2: unlimited FV recursion, round 2 |
CVE-2021-28210
|
| VCID-2atx-ce9g-tbds | edk2: Temporary DoS vulnerability |
CVE-2024-1298
|
| VCID-2nzx-2ymt-kuhv | edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe |
CVE-2021-38575
|
| VCID-5czu-f7hq-v3bf | edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message |
CVE-2023-45229
|
| VCID-6xr7-4aq5-rye5 | Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data. |
CVE-2014-4859
|
| VCID-7snr-xbcq-n7bn | edk2: double-unmap issue in SdMmcCreateTrb function in MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHci.c |
CVE-2019-14587
|
| VCID-8u8r-kpy1-sua4 | edk2: possible heap corruption with LzmaUefiDecompressGetInfo |
CVE-2021-28211
|
| VCID-9j1j-68kv-ufhn | EDK2: heap buffer overflow in Tcg2MeasureGptTable() |
CVE-2022-36763
|
| VCID-bev8-5pts-ryh5 | edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib |
CVE-2019-14563
|
| VCID-bfkk-ttfx-u3bb | edk2: encrypted private key in the IpSecDxe.efi present potential security risks |
CVE-2021-28213
|
| VCID-ckyc-4ewv-dyhx | edk2: potential use-after-free due to the original configuration runtime memory is freed but it is still exposed to the OS runtime |
CVE-2019-14586
|
| VCID-cqwr-6xc1-z7dy | edk2: Buffer Overflow in BlockIo service for RAM disk |
CVE-2018-12180
|
| VCID-dst7-q1b4-63ft | edk2: Stack buffer overflow with corrupted BMP |
CVE-2018-12181
|
| VCID-fjff-f33s-5yen | edk2: DxeImageVerificationHandler() fails open in case of dbx signature check |
CVE-2019-14575
|
| VCID-fxxz-zj2j-1qdz | edk2: Infinite loop when parsing a PadN option in the Destination Options header |
CVE-2023-45233
|
| VCID-h4uc-8m6s-ffhy | edk2: Infinite loop when parsing unknown options in the Destination Options header |
CVE-2023-45232
|
| VCID-ha36-4zhr-mfcu | edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message |
CVE-2023-45234
|
| VCID-hme1-vqbr-qydz | EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W |
CVE-2022-36765
|
| VCID-jru9-qcjy-93d1 | edk2: DxeImageVerificationHandler integer overflow leads to endless loop |
CVE-2019-14562
|
| VCID-k7n3-f3ej-tqa9 | edk2: edk2: UEFI Shell access in Secure Boot environments allows bypass of Secure Boot constraints |
CVE-2025-2486
|
| VCID-mfbp-ej43-hbh5 | edk2: potentially leaking of secret information due to uncleared memory |
CVE-2019-14558
|
| VCID-mgbq-zh3v-uudp | edk2: NULL pointer dereference in AuthenticodeVerify() |
CVE-2019-14584
|
| VCID-nqk5-vmve-d3cq | A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system. |
CVE-2021-38576
|
| VCID-pf73-medx-quet | BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. |
CVE-2021-28216
|
| VCID-q448-gmmp-pkaa | edk2: stack overflow in XHCI causing denial of service |
CVE-2019-0161
|
| VCID-q4pf-fuwv-d3e3 | edk2: improper DNS packet size check |
CVE-2018-12178
|
| VCID-qbgw-q6yb-g7d3 | edk2: improper configuration insystem firmware leads to privilege escalation |
CVE-2018-12179
|
| VCID-r575-k7j8-hbfy | edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation |
CVE-2021-38578
|
| VCID-s1qw-sn4h-xyfe | edk2: stack overflow in DxeCore leads to privilege escalation |
CVE-2018-12183
|
| VCID-s69t-vde7-1fem | edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media |
CVE-2019-0160
|
| VCID-stpq-vk6v-k3g4 | Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase. |
CVE-2014-4860
|
| VCID-u9mt-wbe7-yfb6 | edk2: Buffer overflow in the DHCPv6 client via a long Server ID option |
CVE-2023-45230
|
| VCID-v17c-bytr-6qe4 | edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message |
CVE-2023-45235
|
| VCID-vzd4-6nza-4bgx | edk2: Integer overflows in PeCoffLoaderRelocateImage |
CVE-2024-38796
|
| VCID-w1dc-2k92-u7ha | edk2: memory leak in ArpOnFrameRcvdDpc |
CVE-2019-14559
|
| VCID-w7z8-86tz-87eb | edk2: Out of Bounds read when handling a ND Redirect message with truncated options |
CVE-2023-45231
|
| VCID-x5x7-rwjh-wbb7 | EDK2: heap buffer overflow in Tcg2MeasurePeImage() |
CVE-2022-36764
|
| VCID-xb4u-976f-efdb | edk2: Insufficient input validation in MdeModulePkg may lead to privilege escalation |
CVE-2019-11098
|
| VCID-xbzy-jfjd-j3ew | edk2: invalid server certificate accepted in HTTPS-over-IPv6 boot |
CVE-2019-14553
|
| VCID-yyqe-rr6t-c3hd | security update |
CVE-2023-48733
|
| VCID-z6dd-929s-n7cr | edk2: insufficient memory write in SMM service leads to privilege escalation |
CVE-2018-12182
|