Search for packages
| purl | pkg:deb/debian/edk2@0~20161202.7bbe0b3e-1%2Bdeb9u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-12pz-n6cq-3kg9
Aliases: CVE-2021-28210 |
edk2: unlimited FV recursion, round 2 |
Affected by 25 other vulnerabilities. |
|
VCID-2atx-ce9g-tbds
Aliases: CVE-2024-1298 |
edk2: Temporary DoS vulnerability |
Affected by 9 other vulnerabilities. |
|
VCID-2nzx-2ymt-kuhv
Aliases: CVE-2021-38575 |
edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe |
Affected by 9 other vulnerabilities. |
|
VCID-5czu-f7hq-v3bf
Aliases: CVE-2023-45229 |
edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message |
Affected by 9 other vulnerabilities. |
|
VCID-7snr-xbcq-n7bn
Aliases: CVE-2019-14587 |
edk2: double-unmap issue in SdMmcCreateTrb function in MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHci.c |
Affected by 25 other vulnerabilities. |
|
VCID-8u8r-kpy1-sua4
Aliases: CVE-2021-28211 |
edk2: possible heap corruption with LzmaUefiDecompressGetInfo |
Affected by 25 other vulnerabilities. |
|
VCID-9j1j-68kv-ufhn
Aliases: CVE-2022-36763 |
EDK2: heap buffer overflow in Tcg2MeasureGptTable() |
Affected by 9 other vulnerabilities. |
|
VCID-b7a9-w2fs-dbh7
Aliases: CVE-2024-38797 |
edk2: Out-of-bounds Read in EDK2 |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-bev8-5pts-ryh5
Aliases: CVE-2019-14563 |
edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib |
Affected by 25 other vulnerabilities. |
|
VCID-bfkk-ttfx-u3bb
Aliases: CVE-2021-28213 |
edk2: encrypted private key in the IpSecDxe.efi present potential security risks |
Affected by 25 other vulnerabilities. |
|
VCID-ckyc-4ewv-dyhx
Aliases: CVE-2019-14586 |
edk2: potential use-after-free due to the original configuration runtime memory is freed but it is still exposed to the OS runtime |
Affected by 25 other vulnerabilities. |
|
VCID-cqwr-6xc1-z7dy
Aliases: CVE-2018-12180 |
edk2: Buffer Overflow in BlockIo service for RAM disk |
Affected by 41 other vulnerabilities. |
|
VCID-dst7-q1b4-63ft
Aliases: CVE-2018-12181 |
edk2: Stack buffer overflow with corrupted BMP |
Affected by 41 other vulnerabilities. |
|
VCID-fjff-f33s-5yen
Aliases: CVE-2019-14575 |
edk2: DxeImageVerificationHandler() fails open in case of dbx signature check |
Affected by 25 other vulnerabilities. |
|
VCID-fxxz-zj2j-1qdz
Aliases: CVE-2023-45233 |
edk2: Infinite loop when parsing a PadN option in the Destination Options header |
Affected by 9 other vulnerabilities. |
|
VCID-h4uc-8m6s-ffhy
Aliases: CVE-2023-45232 |
edk2: Infinite loop when parsing unknown options in the Destination Options header |
Affected by 9 other vulnerabilities. |
|
VCID-ha36-4zhr-mfcu
Aliases: CVE-2023-45234 |
edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message |
Affected by 9 other vulnerabilities. |
|
VCID-hme1-vqbr-qydz
Aliases: CVE-2022-36765 |
EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W |
Affected by 9 other vulnerabilities. |
|
VCID-jru9-qcjy-93d1
Aliases: CVE-2019-14562 |
edk2: DxeImageVerificationHandler integer overflow leads to endless loop |
Affected by 25 other vulnerabilities. |
|
VCID-k7n3-f3ej-tqa9
Aliases: CVE-2025-2486 |
edk2: edk2: UEFI Shell access in Secure Boot environments allows bypass of Secure Boot constraints |
Affected by 25 other vulnerabilities. |
|
VCID-k7zd-s9nc-r3hb
Aliases: CVE-2025-3770 |
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability. |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-mfbp-ej43-hbh5
Aliases: CVE-2019-14558 |
edk2: potentially leaking of secret information due to uncleared memory |
Affected by 25 other vulnerabilities. |
|
VCID-mg21-k76s-sqfp
Aliases: CVE-2024-13176 |
openssl: Timing side-channel in ECDSA signature computation |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-mgbq-zh3v-uudp
Aliases: CVE-2019-14584 |
edk2: NULL pointer dereference in AuthenticodeVerify() |
Affected by 25 other vulnerabilities. |
|
VCID-nqk5-vmve-d3cq
Aliases: CVE-2021-38576 |
A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system. |
Affected by 9 other vulnerabilities. |
|
VCID-pf73-medx-quet
Aliases: CVE-2021-28216 |
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. |
Affected by 9 other vulnerabilities. |
|
VCID-q448-gmmp-pkaa
Aliases: CVE-2019-0161 |
edk2: stack overflow in XHCI causing denial of service |
Affected by 41 other vulnerabilities. |
|
VCID-q4pf-fuwv-d3e3
Aliases: CVE-2018-12178 |
edk2: improper DNS packet size check |
Affected by 41 other vulnerabilities. |
|
VCID-qbgw-q6yb-g7d3
Aliases: CVE-2018-12179 |
edk2: improper configuration insystem firmware leads to privilege escalation |
Affected by 25 other vulnerabilities. |
|
VCID-quq1-8rke-c3gf
Aliases: CVE-2023-45237 |
edk2: Use of a Weak PseudoRandom Number Generator |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-r48c-b4df-ffhx
Aliases: CVE-2025-2295 |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-r575-k7j8-hbfy
Aliases: CVE-2021-38578 |
edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation |
Affected by 9 other vulnerabilities. |
|
VCID-s1qw-sn4h-xyfe
Aliases: CVE-2018-12183 |
edk2: stack overflow in DxeCore leads to privilege escalation |
Affected by 41 other vulnerabilities. |
|
VCID-s69t-vde7-1fem
Aliases: CVE-2019-0160 |
edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media |
Affected by 41 other vulnerabilities. |
|
VCID-sd4b-3g4z-mubq
Aliases: CVE-2025-2296 |
edk2: EDK2: Improper Input Validation allows arbitrary command execution |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-u9mt-wbe7-yfb6
Aliases: CVE-2023-45230 |
edk2: Buffer overflow in the DHCPv6 client via a long Server ID option |
Affected by 9 other vulnerabilities. |
|
VCID-v17c-bytr-6qe4
Aliases: CVE-2023-45235 |
edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message |
Affected by 9 other vulnerabilities. |
|
VCID-vzd4-6nza-4bgx
Aliases: CVE-2024-38796 |
edk2: Integer overflows in PeCoffLoaderRelocateImage |
Affected by 9 other vulnerabilities. |
|
VCID-w1dc-2k92-u7ha
Aliases: CVE-2019-14559 |
edk2: memory leak in ArpOnFrameRcvdDpc |
Affected by 25 other vulnerabilities. |
|
VCID-w7z8-86tz-87eb
Aliases: CVE-2023-45231 |
edk2: Out of Bounds read when handling a ND Redirect message with truncated options |
Affected by 9 other vulnerabilities. |
|
VCID-x5x7-rwjh-wbb7
Aliases: CVE-2022-36764 |
EDK2: heap buffer overflow in Tcg2MeasurePeImage() |
Affected by 9 other vulnerabilities. |
|
VCID-xb4u-976f-efdb
Aliases: CVE-2019-11098 |
edk2: Insufficient input validation in MdeModulePkg may lead to privilege escalation |
Affected by 25 other vulnerabilities. |
|
VCID-xbzy-jfjd-j3ew
Aliases: CVE-2019-14553 |
edk2: invalid server certificate accepted in HTTPS-over-IPv6 boot |
Affected by 25 other vulnerabilities. |
|
VCID-yyqe-rr6t-c3hd
Aliases: CVE-2023-48733 |
security update |
Affected by 25 other vulnerabilities. |
|
VCID-z1gk-5f8t-tqau
Aliases: CVE-2023-45236 |
edk2: Predictable TCP Initial Sequence Numbers |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-zd64-tjtu-sua3
Aliases: CVE-2024-38798 |
EDK2: EDK2: Information Disclosure and Privilege Escalation via Local BIOS Access |
Affected by 25 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zwx2-8yhh-7yef
Aliases: CVE-2024-38805 |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. |
Affected by 25 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||