Vulnerabilities > Insyde > Insydeh2O > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-34325 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Insydeh2O DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
| 2022-09-28 | CVE-2022-36448 | Improper Input Validation vulnerability in Insyde Insydeh2O An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. | 8.2 |
| 2022-09-23 | CVE-2022-35893 | Improper Input Validation vulnerability in Insyde Insydeh2O An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. | 8.2 |
| 2022-02-03 | CVE-2021-33627 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. | 8.2 |
| 2022-02-03 | CVE-2021-41837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-41838 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-41839 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insyde Insydeh2O An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 8.2 |
| 2022-02-03 | CVE-2021-41840 | Allocation of Resources Without Limits or Throttling vulnerability in Insyde Insydeh2O An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-41841 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Insyde Insydeh2O An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 7.2 |
| 2022-02-03 | CVE-2021-42059 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. | 7.2 |