Download
| Alert*
CVE-2019-14563
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2019-14575 Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2019-14559 Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access. CVE-2018-0739 Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so ... |