Vulnerabilities > Insyde
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-03 | CVE-2020-5953 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. | 7.5 |
| 2022-02-03 | CVE-2021-43522 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11-08, and 5.3 through 2021-11-08. | 7.5 |
| 2022-02-03 | CVE-2022-24069 | Unspecified vulnerability in Insyde Insydeh2O An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. | 8.2 |
| 2022-01-06 | CVE-2021-41842 | Unspecified vulnerability in Insyde Insydeh2O An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. | 9.8 |
| 2022-01-06 | CVE-2021-45971 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. | 8.2 |
| 2022-01-05 | CVE-2020-5956 | Improper Input Validation vulnerability in Insyde Insydeh2O An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. | 7.5 |
| 2022-01-05 | CVE-2021-45969 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. | 8.2 |
| 2022-01-05 | CVE-2021-45970 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. | 8.2 |
| 2021-12-01 | CVE-2021-38575 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. | 8.1 |
| 2021-11-03 | CVE-2020-5955 | Unspecified vulnerability in Insyde Insydeh2O Uefi Bios An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. | 9.8 |