Vulnerabilities > Insyde > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-06 | CVE-2021-45971 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. | 8.2 |
| 2022-01-05 | CVE-2020-5956 | Improper Input Validation vulnerability in Insyde Insydeh2O An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. | 7.5 |
| 2022-01-05 | CVE-2021-45969 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. | 8.2 |
| 2022-01-05 | CVE-2021-45970 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. | 8.2 |
| 2021-12-01 | CVE-2021-38575 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. | 8.1 |
| 2021-10-01 | CVE-2021-33626 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). | 7.8 |
| 2019-08-26 | CVE-2019-12532 | Unspecified vulnerability in Insyde products Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. | 7.8 |