Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel 5.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-35896
An issue SMM memory leak vulnerability in SMM driver (SMRAM exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An attacker can dump SMRAM contents via the software SMI provided by the FvbServicesRuntimeDxe driver to read the contents of SMRAM, leading to informat...
Insyde Insydeh2o
NA
CVE-2022-36338
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An SMM callout vulnerability in the SMM driver FwBlockServiceSmm, creating SMM, leads to arbitrary code execution. An attacker can replace the pointer to the UEFI boot service GetVariable with a pointer ...
Insyde Insydeh2o
NA
CVE-2022-35408
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in ...
Insyde Insydeh2o
7.2
CVSSv2
CVE-2021-41840
An issue exists in NvmExpressDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrust...
Insyde Insydeh2o
7.2
CVSSv2
CVE-2021-41841
An issue exists in AhciBusDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an malicious user to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted ...
Insyde Insydeh2o
4.6
CVSSv2
CVE-2021-41839
An issue exists in NvmExpressDxe in the kernel 5.0 up to and including 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to ...
Insyde Insydeh2o
NA
CVE-2022-32471
An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. The IhisiDxe driver uses the command buffer to pass input and output data. By modifying the command buffer contents with DMA after the input parameters have been checked but before they are u...
Insyde Insydeh2o
NA
CVE-2022-32469
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitig...
Insyde Insydeh2o
NA
CVE-2022-32470
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack c...
Insyde Insydeh2o
NA
CVE-2022-32473
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be ...
Insyde Insydeh2o
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »