Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-38575
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
9.8
CVSSv3
CVE-2021-38578
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Tianocore Edk2
Insyde Kernel 5.0
Insyde Kernel 5.2
Insyde Kernel 5.3
Insyde Kernel 5.4
Insyde Kernel 5.5
Insyde Kernel 5.1
7.5
CVSSv3
CVE-2022-30283
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an malicious user to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a wo...
Insyde Kernel
6.4
CVSSv3
CVE-2022-33906
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm driv...
Insyde Kernel
6.4
CVSSv3
CVE-2022-33907
DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe...
Insyde Kernel
7
CVSSv3
CVE-2022-33909
DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cau...
Insyde Kernel
7
CVSSv3
CVE-2022-33983
DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressLegacy driver...
Insyde Kernel
7
CVSSv3
CVE-2022-33985
DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver could...
Insyde Kernel
7.8
CVSSv3
CVE-2022-35407
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable ex...
Insyde Kernel
8.2
CVSSv3
CVE-2022-29276
SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue exists by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version ...
Insyde Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »