Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

403 matches found

Hewlett-Packard
Hewlett-Packardadded 2026/03/24 12:0 a.m.4 views

Insyde BIOS SMM Memory Corruption Security Update

A potential security vulnerability has been identified in certain HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow arbitrary code execution. Insyde has released mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs...

8.2CVSS6AI score0.0002EPSS
Exploits0Affected Software20
CNNVD
CNNVDadded 2026/01/14 12:0 a.m.3 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...

7.8CVSS7.2AI score0.00008EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/01/14 12:0 a.m.3 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde, China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a buffer overflow that can be caused by untrusted user-mode applications when readin...

7.8CVSS7.2AI score0.00025EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:26 a.m.6 views

CVE-2021-33834

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...

7.1CVSS7.2AI score0.00079EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:53 a.m.1 views

CVE-2022-33909

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...

7CVSS6.9AI score0.00038EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:52 a.m.5 views

CVE-2022-33905

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the AhciBusDxe driver could cause SMRAM corruption through...

7CVSS6.9AI score0.00038EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:48 a.m.3 views

CVE-2022-31243

Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handl...

6.4CVSS7AI score0.00051EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:41 a.m.7 views

CVE-2022-35894

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The SMI handler for the FwBlockServiceSmm driver uses an untrusted pointer as the location to copy data to an attacker-specified buffer, leading to information disclosure...

6CVSS6.5AI score0.00081EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:32 a.m.2 views

CVE-2024-39707

Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without further authentication by default, which could lead to a possible roll-back attack in certain platforms. This is fixed in: kernel 5.2, version 05.29.19; kernel 5.3, version 05.38.19; kernel 5.4, version...

5.3CVSS6.8AI score0.00064EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/12/12 12:0 a.m.1 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from unchecked output buffers and could lead to arbitrary code execution and SMM memory...

8.2CVSS7.6AI score0.0002EPSS
Exploits0References1
NVD
NVDadded 2025/11/13 10:15 a.m.1 views

CVE-2025-7704

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...

5.4CVSS0.00055EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/13 9:12 a.m.1 views

EUVD-2025-163786

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...

5.4CVSS6.7AI score0.00055EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/11/13 9:12 a.m.3 views

CVE-2025-7704 Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability...

5.4CVSS0.00055EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/11/13 12:0 a.m.1 views

PT-2025-46795

Name of the Vulnerable Software and Affected Versions Supermicro BMC Insyde SMASH affected versions not specified Description The Insyde SMASH shell program within Supermicro BMC contains a stacked-based overflow issue. This flaw could allow for remote code execution. Recommendations At the momen...

5.4CVSS7.7AI score0.00055EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/11/13 12:0 a.m.1 views

Supermicro BMC 安全漏洞

The SuperMicro BMC is a firmware from SuperMicro USA used in devices such as servers, top-of-rack switches or RAID devices. A security vulnerability exists in Supermicro BMC that stems from a stack-based buffer overflow in the Insyde SMASH shell program...

5.4CVSS7.3AI score0.00055EPSS
Exploits0References1
Hewlett-Packard
Hewlett-Packardadded 2025/10/24 12:0 a.m.6 views

Insyde UEFI Digital Certificate Injection

A potential security vulnerability has been identified in certain HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow escalation of privilege, arbitrary code execution, denial of service, and/or information disclosure. Insyde is releasing mitigation for the potential...

7.8CVSS7.6AI score0.00072EPSS
Exploits0Affected Software116
Hewlett-Packard
Hewlett-Packardadded 2025/10/21 12:0 a.m.4 views

Insyde BIOS Buffer Overflow in certain HP ARM-Based PCs

A potential security vulnerability has been identified in certain ARM-based HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow arbitrary code execution. Insyde has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and...

7.8CVSS7.3AI score0.00159EPSS
Exploits0Affected Software4
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2021-20508

Malware in sbrugna...

7.1CVSS6.9AI score0.00079EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-4127

Malware in sbrugna...

7.8CVSS7.6AI score0.00066EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-20304

Malware in sbrugna...

8.2CVSS8.3AI score0.00103EPSS
Exploits0References5
Rows per page
Query Builder