Vulnerabilities > Insyde > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-01 | CVE-2023-39281 | Out-of-bounds Write vulnerability in Insyde Insydeh2O A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. | 9.8 |
| 2022-03-03 | CVE-2021-38578 | Out-of-bounds Write vulnerability in multiple products Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. | 9.8 |