Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HOpensuse Leap
OSOpensuse15.0Tianocore Edk Ii
APPTianocorewszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoSMemory
CWE
Referencje
Powiązane podatności
CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
CVE-2020-16846CRITICAL9.8⚠ KEVten sam produkt
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the...
CVE-2020-12641CRITICAL9.8⚠ KEVten sam produkt
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacha...
CVE-2020-11651CRITICAL9.8⚠ KEVten sam produkt
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...
CVE-2020-1938CRITICAL9.8⚠ KEVten sam produkt
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache To...