| 0 |
| url |
VCID-12pz-n6cq-3kg9 |
| vulnerability_id |
VCID-12pz-n6cq-3kg9 |
| summary |
edk2: unlimited FV recursion, round 2 |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28210 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30681 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30683 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30773 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30729 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30813 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.3086 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30679 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30738 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.3077 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28210 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-28210
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-12pz-n6cq-3kg9 |
|
| 1 |
| url |
VCID-2atx-ce9g-tbds |
| vulnerability_id |
VCID-2atx-ce9g-tbds |
| summary |
edk2: Temporary DoS vulnerability |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-1298 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09411 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09355 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09406 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09317 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09391 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09438 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09452 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09426 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-1298 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-1298
|
| risk_score |
2.7 |
| exploitability |
0.5 |
| weighted_severity |
5.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2atx-ce9g-tbds |
|
| 2 |
| url |
VCID-2nzx-2ymt-kuhv |
| vulnerability_id |
VCID-2nzx-2ymt-kuhv |
| summary |
edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38575 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67211 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67286 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67335 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67322 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67248 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67272 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.6725 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67301 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67315 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38575 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38575
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2nzx-2ymt-kuhv |
|
| 3 |
| url |
VCID-5czu-f7hq-v3bf |
| vulnerability_id |
VCID-5czu-f7hq-v3bf |
| summary |
edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45229 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32942 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33063 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33096 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32925 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32972 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33002 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33005 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32967 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45229 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45229
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5czu-f7hq-v3bf |
|
| 4 |
| url |
VCID-6xr7-4aq5-rye5 |
| vulnerability_id |
VCID-6xr7-4aq5-rye5 |
| summary |
Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4859 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11803 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11919 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11966 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11755 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11838 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11889 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.119 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11862 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00039 |
| scoring_system |
epss |
| scoring_elements |
0.11834 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4859 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4859
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6xr7-4aq5-rye5 |
|
| 5 |
| url |
VCID-7snr-xbcq-n7bn |
| vulnerability_id |
VCID-7snr-xbcq-n7bn |
| summary |
edk2: double-unmap issue in SdMmcCreateTrb function in MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHci.c |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14587 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40546 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40627 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40655 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40576 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40637 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40618 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00188 |
| scoring_system |
epss |
| scoring_elements |
0.40599 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14587 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14587
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7snr-xbcq-n7bn |
|
| 6 |
| url |
VCID-8u8r-kpy1-sua4 |
| vulnerability_id |
VCID-8u8r-kpy1-sua4 |
| summary |
edk2: possible heap corruption with LzmaUefiDecompressGetInfo |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28211 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18742 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18695 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18791 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18745 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18878 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18653 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18733 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18786 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28211 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-28211
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8u8r-kpy1-sua4 |
|
| 7 |
| url |
VCID-9j1j-68kv-ufhn |
| vulnerability_id |
VCID-9j1j-68kv-ufhn |
| summary |
EDK2: heap buffer overflow in Tcg2MeasureGptTable() |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36763 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.19037 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.1885 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18811 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18891 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18943 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18949 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.18902 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.0006 |
| scoring_system |
epss |
| scoring_elements |
0.1909 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36763 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-36763
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9j1j-68kv-ufhn |
|
| 8 |
| url |
VCID-b7a9-w2fs-dbh7 |
| vulnerability_id |
VCID-b7a9-w2fs-dbh7 |
| summary |
edk2: Out-of-bounds Read in EDK2 |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-38797 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27002 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.271 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27103 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27059 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27157 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27194 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.26986 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00098 |
| scoring_system |
epss |
| scoring_elements |
0.27054 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-38797 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-38797
|
| risk_score |
2.0 |
| exploitability |
0.5 |
| weighted_severity |
4.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b7a9-w2fs-dbh7 |
|
| 9 |
| url |
VCID-bev8-5pts-ryh5 |
| vulnerability_id |
VCID-bev8-5pts-ryh5 |
| summary |
edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14563 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16992 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17163 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17215 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16996 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17086 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17143 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.1707 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17009 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14563 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14563
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bev8-5pts-ryh5 |
|
| 10 |
| url |
VCID-bfkk-ttfx-u3bb |
| vulnerability_id |
VCID-bfkk-ttfx-u3bb |
| summary |
edk2: encrypted private key in the IpSecDxe.efi present potential security risks |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28213 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.5037 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50425 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50454 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50408 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50461 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50455 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50496 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50473 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0027 |
| scoring_system |
epss |
| scoring_elements |
0.50458 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28213 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-28213
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bfkk-ttfx-u3bb |
|
| 11 |
| url |
VCID-ckyc-4ewv-dyhx |
| vulnerability_id |
VCID-ckyc-4ewv-dyhx |
| summary |
edk2: potential use-after-free due to the original configuration runtime memory is freed but it is still exposed to the OS runtime |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14586 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33141 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33271 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33303 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33136 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33179 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33213 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33215 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33176 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33153 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14586 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14586
|
| risk_score |
2.0 |
| exploitability |
0.5 |
| weighted_severity |
4.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ckyc-4ewv-dyhx |
|
| 12 |
| url |
VCID-cqwr-6xc1-z7dy |
| vulnerability_id |
VCID-cqwr-6xc1-z7dy |
| summary |
edk2: Buffer Overflow in BlockIo service for RAM disk |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12180 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.799 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79948 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79953 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79973 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79957 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79907 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79928 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79916 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.01331 |
| scoring_system |
epss |
| scoring_elements |
0.79945 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12180 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12180
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cqwr-6xc1-z7dy |
|
| 13 |
| url |
VCID-dst7-q1b4-63ft |
| vulnerability_id |
VCID-dst7-q1b4-63ft |
| summary |
edk2: Stack buffer overflow with corrupted BMP |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12181 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.33774 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.3401 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34078 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34076 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34033 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34112 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34144 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34004 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00139 |
| scoring_system |
epss |
| scoring_elements |
0.34046 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12181 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12181
|
| risk_score |
2.7 |
| exploitability |
0.5 |
| weighted_severity |
5.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dst7-q1b4-63ft |
|
| 14 |
| url |
VCID-fjff-f33s-5yen |
| vulnerability_id |
VCID-fjff-f33s-5yen |
| summary |
edk2: DxeImageVerificationHandler() fails open in case of dbx signature check |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14575 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19102 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19237 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19288 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19005 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19085 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19138 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19145 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19098 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00061 |
| scoring_system |
epss |
| scoring_elements |
0.19045 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14575 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14575
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fjff-f33s-5yen |
|
| 15 |
| url |
VCID-fxxz-zj2j-1qdz |
| vulnerability_id |
VCID-fxxz-zj2j-1qdz |
| summary |
edk2: Infinite loop when parsing a PadN option in the Destination Options header |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45233 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65191 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65231 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65199 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65258 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65271 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65253 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65241 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65225 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45233 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45233
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fxxz-zj2j-1qdz |
|
| 16 |
| url |
VCID-h4uc-8m6s-ffhy |
| vulnerability_id |
VCID-h4uc-8m6s-ffhy |
| summary |
edk2: Infinite loop when parsing unknown options in the Destination Options header |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45232 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65231 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65199 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65225 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65191 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65241 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65253 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65271 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00483 |
| scoring_system |
epss |
| scoring_elements |
0.65258 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45232 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45232
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h4uc-8m6s-ffhy |
|
| 17 |
| url |
VCID-ha36-4zhr-mfcu |
| vulnerability_id |
VCID-ha36-4zhr-mfcu |
| summary |
edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45234 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53871 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53807 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53834 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53859 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53857 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53905 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53887 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45234 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45234
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ha36-4zhr-mfcu |
|
| 18 |
| url |
VCID-hme1-vqbr-qydz |
| vulnerability_id |
VCID-hme1-vqbr-qydz |
| summary |
EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36765 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.1208 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12006 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.11929 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12012 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12064 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12071 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12033 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12125 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36765 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-36765
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hme1-vqbr-qydz |
|
| 19 |
| url |
VCID-jru9-qcjy-93d1 |
| vulnerability_id |
VCID-jru9-qcjy-93d1 |
| summary |
edk2: DxeImageVerificationHandler integer overflow leads to endless loop |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14562 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13536 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13636 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13697 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13497 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13578 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13629 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13601 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13564 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00044 |
| scoring_system |
epss |
| scoring_elements |
0.13516 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14562 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14562
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jru9-qcjy-93d1 |
|
| 20 |
| url |
VCID-k7n3-f3ej-tqa9 |
| vulnerability_id |
VCID-k7n3-f3ej-tqa9 |
| summary |
edk2: edk2: UEFI Shell access in Secure Boot environments allows bypass of Secure Boot constraints |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2486 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06721 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06836 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06848 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06842 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06768 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06754 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06806 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00025 |
| scoring_system |
epss |
| scoring_elements |
0.06845 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2486 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2486
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k7n3-f3ej-tqa9 |
|
| 21 |
| url |
VCID-k7zd-s9nc-r3hb |
| vulnerability_id |
VCID-k7zd-s9nc-r3hb |
| summary |
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-3770 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06039 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05863 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05966 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05948 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.06048 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05896 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05889 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00022 |
| scoring_system |
epss |
| scoring_elements |
0.05928 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-3770 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-3770
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k7zd-s9nc-r3hb |
|
| 22 |
| url |
VCID-mfbp-ej43-hbh5 |
| vulnerability_id |
VCID-mfbp-ej43-hbh5 |
| summary |
edk2: potentially leaking of secret information due to uncleared memory |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14558 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30963 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31089 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31135 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30951 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31008 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31037 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31044 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30955 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14558 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14558
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mfbp-ej43-hbh5 |
|
| 23 |
| url |
VCID-mg21-k76s-sqfp |
| vulnerability_id |
VCID-mg21-k76s-sqfp |
| summary |
openssl: Timing side-channel in ECDSA signature computation |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-13176 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22223 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22339 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22384 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22169 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22252 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22305 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22325 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00073 |
| scoring_system |
epss |
| scoring_elements |
0.22283 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-13176 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-13176
|
| risk_score |
2.1 |
| exploitability |
0.5 |
| weighted_severity |
4.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mg21-k76s-sqfp |
|
| 24 |
| url |
VCID-mgbq-zh3v-uudp |
| vulnerability_id |
VCID-mgbq-zh3v-uudp |
| summary |
edk2: NULL pointer dereference in AuthenticodeVerify() |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14584 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23933 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23911 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.24011 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23968 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.2406 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.24098 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23881 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23948 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23995 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14584 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14584
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mgbq-zh3v-uudp |
|
| 25 |
| url |
VCID-nqk5-vmve-d3cq |
| vulnerability_id |
VCID-nqk5-vmve-d3cq |
| summary |
A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38576 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48956 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48992 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.4902 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48973 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49027 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49023 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.4904 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49013 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49019 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38576 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38576
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nqk5-vmve-d3cq |
|
| 26 |
| url |
VCID-pf73-medx-quet |
| vulnerability_id |
VCID-pf73-medx-quet |
| summary |
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28216 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33417 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.3339 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33526 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33559 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.334 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33444 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33478 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.33481 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00137 |
| scoring_system |
epss |
| scoring_elements |
0.3344 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-28216 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-28216
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pf73-medx-quet |
|
| 27 |
| url |
VCID-q448-gmmp-pkaa |
| vulnerability_id |
VCID-q448-gmmp-pkaa |
| summary |
edk2: stack overflow in XHCI causing denial of service |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-0161 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13913 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13863 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13992 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13948 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13911 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13996 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.14051 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13854 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00045 |
| scoring_system |
epss |
| scoring_elements |
0.13939 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-0161 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-0161
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q448-gmmp-pkaa |
|
| 28 |
| url |
VCID-q4pf-fuwv-d3e3 |
| vulnerability_id |
VCID-q4pf-fuwv-d3e3 |
| summary |
edk2: improper DNS packet size check |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12178 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.63463 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.63598 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.63566 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.63583 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.63522 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.6355 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00448 |
| scoring_system |
epss |
| scoring_elements |
0.63514 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12178 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12178
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q4pf-fuwv-d3e3 |
|
| 29 |
| url |
VCID-qbgw-q6yb-g7d3 |
| vulnerability_id |
VCID-qbgw-q6yb-g7d3 |
| summary |
edk2: improper configuration insystem firmware leads to privilege escalation |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12179 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30613 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30618 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30708 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30662 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30749 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30797 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30614 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30672 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30704 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12179 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12179
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qbgw-q6yb-g7d3 |
|
| 30 |
| url |
VCID-quq1-8rke-c3gf |
| vulnerability_id |
VCID-quq1-8rke-c3gf |
| summary |
edk2: Use of a Weak PseudoRandom Number Generator |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45237 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59161 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59197 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59185 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59149 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59201 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59214 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59234 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59216 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45237 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45237
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-quq1-8rke-c3gf |
|
| 31 |
| url |
VCID-r48c-b4df-ffhx |
| vulnerability_id |
VCID-r48c-b4df-ffhx |
| summary |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2295 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.28992 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.29043 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.29112 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.29164 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.28974 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.29038 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.29081 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00108 |
| scoring_system |
epss |
| scoring_elements |
0.29086 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2295 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2295
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r48c-b4df-ffhx |
|
| 32 |
| url |
VCID-r575-k7j8-hbfy |
| vulnerability_id |
VCID-r575-k7j8-hbfy |
| summary |
edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38578 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19857 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.20005 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19833 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19791 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19871 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19925 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19934 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.19891 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00064 |
| scoring_system |
epss |
| scoring_elements |
0.20064 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38578 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38578
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r575-k7j8-hbfy |
|
| 33 |
| url |
VCID-s1qw-sn4h-xyfe |
| vulnerability_id |
VCID-s1qw-sn4h-xyfe |
| summary |
edk2: stack overflow in DxeCore leads to privilege escalation |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12183 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.2505 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24973 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25068 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25028 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25127 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25167 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24941 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25009 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25054 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12183 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12183
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s1qw-sn4h-xyfe |
|
| 34 |
| url |
VCID-s69t-vde7-1fem |
| vulnerability_id |
VCID-s69t-vde7-1fem |
| summary |
edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-0160 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51303 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51402 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51395 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51393 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51437 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51416 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51356 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51382 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.0028 |
| scoring_system |
epss |
| scoring_elements |
0.51341 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-0160 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-0160
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s69t-vde7-1fem |
|
| 35 |
| url |
VCID-sd4b-3g4z-mubq |
| vulnerability_id |
VCID-sd4b-3g4z-mubq |
| summary |
edk2: EDK2: Improper Input Validation allows arbitrary command execution |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2296 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.3982 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39764 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39843 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39819 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39833 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00234 |
| scoring_system |
epss |
| scoring_elements |
0.46285 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00234 |
| scoring_system |
epss |
| scoring_elements |
0.46294 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00234 |
| scoring_system |
epss |
| scoring_elements |
0.46313 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2296 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2296
|
| risk_score |
3.8 |
| exploitability |
0.5 |
| weighted_severity |
7.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sd4b-3g4z-mubq |
|
| 36 |
| url |
VCID-stpq-vk6v-k3g4 |
| vulnerability_id |
VCID-stpq-vk6v-k3g4 |
| summary |
Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4860 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11025 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11155 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11218 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11035 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11114 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1117 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11174 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11142 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11119 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4860 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-4860
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-stpq-vk6v-k3g4 |
|
| 37 |
| url |
VCID-u9mt-wbe7-yfb6 |
| vulnerability_id |
VCID-u9mt-wbe7-yfb6 |
| summary |
edk2: Buffer overflow in the DHCPv6 client via a long Server ID option |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45230 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53871 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53807 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53834 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53859 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53857 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53905 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.53887 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45230 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45230
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u9mt-wbe7-yfb6 |
|
| 38 |
| url |
VCID-v17c-bytr-6qe4 |
| vulnerability_id |
VCID-v17c-bytr-6qe4 |
| summary |
edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45235 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60351 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60403 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60356 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60423 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60437 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60416 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.604 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00396 |
| scoring_system |
epss |
| scoring_elements |
0.60382 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45235 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45235
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v17c-bytr-6qe4 |
|
| 39 |
| url |
VCID-vzd4-6nza-4bgx |
| vulnerability_id |
VCID-vzd4-6nza-4bgx |
| summary |
edk2: Integer overflows in PeCoffLoaderRelocateImage |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-38796 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20742 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.2082 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20838 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20794 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20908 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20968 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20682 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00067 |
| scoring_system |
epss |
| scoring_elements |
0.20759 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-38796 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-38796
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vzd4-6nza-4bgx |
|
| 40 |
| url |
VCID-w1dc-2k92-u7ha |
| vulnerability_id |
VCID-w1dc-2k92-u7ha |
| summary |
edk2: memory leak in ArpOnFrameRcvdDpc |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14559 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.7168 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71687 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71705 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71679 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71717 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71729 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71753 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71736 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00688 |
| scoring_system |
epss |
| scoring_elements |
0.71719 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14559 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14559
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w1dc-2k92-u7ha |
|
| 41 |
| url |
VCID-w7z8-86tz-87eb |
| vulnerability_id |
VCID-w7z8-86tz-87eb |
| summary |
edk2: Out of Bounds read when handling a ND Redirect message with truncated options |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45231 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32942 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33063 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33096 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32925 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32972 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33002 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33005 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32967 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45231 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45231
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w7z8-86tz-87eb |
|
| 42 |
| url |
VCID-x5x7-rwjh-wbb7 |
| vulnerability_id |
VCID-x5x7-rwjh-wbb7 |
| summary |
EDK2: heap buffer overflow in Tcg2MeasurePeImage() |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36764 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.1208 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12006 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.11929 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12012 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12064 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12071 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12033 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12125 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36764 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-36764
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x5x7-rwjh-wbb7 |
|
| 43 |
| url |
VCID-xb4u-976f-efdb |
| vulnerability_id |
VCID-xb4u-976f-efdb |
| summary |
edk2: Insufficient input validation in MdeModulePkg may lead to privilege escalation |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11098 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17141 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17194 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16972 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17062 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17118 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17094 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.17047 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00054 |
| scoring_system |
epss |
| scoring_elements |
0.16986 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11098 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-11098
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xb4u-976f-efdb |
|
| 44 |
| url |
VCID-xbzy-jfjd-j3ew |
| vulnerability_id |
VCID-xbzy-jfjd-j3ew |
| summary |
edk2: invalid server certificate accepted in HTTPS-over-IPv6 boot |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14553 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29908 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29952 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.3 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29813 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29876 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29911 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29917 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29871 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00113 |
| scoring_system |
epss |
| scoring_elements |
0.29822 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14553 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14553
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xbzy-jfjd-j3ew |
|
| 45 |
| url |
VCID-yyqe-rr6t-c3hd |
| vulnerability_id |
VCID-yyqe-rr6t-c3hd |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-48733 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03368 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03356 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03409 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03388 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03384 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03317 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.0334 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-48733 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-48733
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
6.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yyqe-rr6t-c3hd |
|
| 46 |
| url |
VCID-z1gk-5f8t-tqau |
| vulnerability_id |
VCID-z1gk-5f8t-tqau |
| summary |
edk2: Predictable TCP Initial Sequence Numbers |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45236 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59161 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59197 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59185 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59149 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59201 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59214 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59234 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00376 |
| scoring_system |
epss |
| scoring_elements |
0.59216 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-45236 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-45236
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z1gk-5f8t-tqau |
|
| 47 |
| url |
VCID-z6dd-929s-n7cr |
| vulnerability_id |
VCID-z6dd-929s-n7cr |
| summary |
edk2: insufficient memory write in SMM service leads to privilege escalation |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12182 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26389 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26281 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26386 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.2634 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.2644 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26484 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26258 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26326 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00095 |
| scoring_system |
epss |
| scoring_elements |
0.26377 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12182 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12182
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z6dd-929s-n7cr |
|
| 48 |
| url |
VCID-zwx2-8yhh-7yef |
| vulnerability_id |
VCID-zwx2-8yhh-7yef |
| summary |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-38805 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13082 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13172 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13134 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13205 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.1327 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.1307 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13152 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13203 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-38805 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-38805
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zwx2-8yhh-7yef |
|