CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/23 4:10 a.m.•6 views

CVE-2023-39284

An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...

5.5CVSS6.9AI score0.00178EPSS

Exploits0

Circl•added 2023/11/02 11:22 p.m.•2 views

CVE-2023-39284

creationtimestamp| type| source ---|---|--- 2023-11-02 23:22:47+00:00| seen| https://t.me/cibsecurity/73483...

5.5CVSS5.5AI score0.00178EPSS

Exploits0References1

ATTACKERKB•added 2023/11/02 9:15 p.m.•1 views

CVE-2023-39284

An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...

5.5CVSS6.2AI score0.00178EPSS

Exploits0References3

OSV•added 2023/11/02 9:15 p.m.•4 views

CVE-2023-39284

An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...

5.5CVSS5.9AI score0.00178EPSS

Exploits0References2

Cvelist•added 2023/11/02 12:0 a.m.•26 views

CVE-2023-39284

An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler...

5.7AI score0.00178EPSS

Exploits0References2

CVE•added 2023/11/02 12:0 a.m.•55 views

CVE-2023-39284

CVE-2023-39284 affects Insyde InsydeH2O kernel 5.0–5.5 via IhisiServicesSmm, where arbitrary SetVariable calls in the SMI handler can pass attacker-controlled parameters. Root cause: unsanitized arguments in SMI SetVariable handling, enabling modification of protected NVRAM variables from Ring0 (...

5.5CVSS5.5AI score0.00178EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by