Vulnerabilities > Insyde > Insydeh2O > 5.51.25

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-34325 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Insydeh2O
DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack.
local
high complexity
insyde CWE-367
7.8
7.8
2022-09-28 CVE-2022-36448 Improper Input Validation vulnerability in Insyde Insydeh2O
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.
local
low complexity
insyde CWE-20
8.2
8.2
2022-09-23 CVE-2022-35893 Improper Input Validation vulnerability in Insyde Insydeh2O
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.
local
low complexity
insyde CWE-20
8.2
8.2
2022-09-22 CVE-2022-35894 Memory Leak vulnerability in Insyde Insydeh2O
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.
local
low complexity
insyde CWE-401
6.0
6.0
2022-09-22 CVE-2022-35408 Unspecified vulnerability in Insyde Insydeh2O
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.
local
low complexity
insyde
8.2
8.2
2022-09-21 CVE-2022-35895 Out-of-bounds Write vulnerability in Insyde Insydeh2O
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5.
local
low complexity
insyde CWE-787
8.2
8.2
2022-02-03 CVE-2021-41837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O.
local
low complexity
insyde siemens CWE-119
8.2
8.2
2022-02-03 CVE-2021-41838 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O.
local
low complexity
insyde siemens CWE-119
8.2
8.2
2022-02-03 CVE-2021-41841 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Insyde Insydeh2O
An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O.
local
low complexity
insyde CWE-829
8.2
8.2
2022-02-03 CVE-2021-43323 Unspecified vulnerability in Insyde Insydeh2O
An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45.
local
low complexity
insyde
8.2
8.2