Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2021-30262

Malicious code in bioql PyPI...

8.2CVSS8.3AI score0.00133EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-54678

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00062EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-24533

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00026EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-33618

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00126EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/08/15 2:36 a.m.1 views

CVE-2025-4276

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

7.5CVSS8.1AI score0.00026EPSS
Exploits0References1
NVD
NVDadded 2025/08/13 2:15 a.m.3 views

CVE-2025-4276

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

7.5CVSS0.00026EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/13 1:41 a.m.4 views

CVE-2025-4276 UsbCoreDxe: improper input validation may lead to arbitrary code execution

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

7.5CVSS0.00026EPSS
Exploits0References1
CVE
CVEadded 2025/08/13 1:41 a.m.10 views

CVE-2025-4276

CVE-2025-4276 affects UsbCoreDxe (EFI/UEFI) and related InsydeH2O implementations. The vulnerability stems from an ability to write to arbitrary memory in SMRAM, enabling arbitrary code execution at System Management Mode (SMM). Reported impact is execution of code with SMM privileges and potenti...

7.5CVSS8AI score0.00026EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/13 1:41 a.m.1 views

CVE-2025-4276 UsbCoreDxe: improper input validation may lead to arbitrary code execution

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

7.5CVSS8AI score0.00026EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/08/13 12:0 a.m.2 views

PT-2025-32957 · Unknown · Usbcoredxe

Name of the Vulnerable Software and Affected Versions: UsbCoreDxe affected versions not specified Description: UsbCoreDxe contains a flaw that allows writing to arbitrary memory locations within the System Management RAM SMRAM. Successful exploitation of this issue can lead to arbitrary code...

7.5CVSS6.9AI score0.00026EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/06/14 12:21 a.m.1 views

CVE-2024-55567

Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary...

7.5CVSS7.7AI score0.00062EPSS
Exploits0References1
OSV
OSVadded 2025/06/12 5:15 p.m.0 views

CVE-2024-55567

Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary...

6.7CVSS6AI score
Exploits0References1
Cvelist
Cvelistadded 2025/06/12 12:0 a.m.4 views

CVE-2024-55567

Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary...

7.5CVSS0.00062EPSS
Exploits0References1
CVE
CVEadded 2025/06/12 12:0 a.m.49 views

CVE-2024-55567

CVE-2024-55567 affects InsydeH2O kernel (Insyde USB core) with a flaw in UsbCoreDxe that allows an SMM-level write of arbitrary memory due to improper input validation. Affected versions include InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.0...

7.5CVSS7.9AI score0.00062EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2025/06/12 12:0 a.m.0 views

Insyde InsydeH2O kernel 安全漏洞

Insyde InsydeH2O kernel is a program kernel for updating computer BIOS from Insyde, a Chinese company. A security vulnerability exists in the Insyde InsydeH2O kernel, which stems from improper validation of UsbCoreDxe inputs and could lead to the execution of arbitrary code at the SMM level. The...

7.5CVSS7.1AI score0.00062EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/06/12 12:0 a.m.2 views

CVE-2024-55567

Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary...

7.5CVSS7.7AI score0.00062EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:18 a.m.7 views

CVE-2022-30283

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB...

7.5CVSS7.5AI score0.00074EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:58 a.m.5 views

CVE-2022-29275

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: versi...

8.2CVSS7.3AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:35 p.m.6 views

CVE-2021-43323

An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in Syste...

8.2CVSS7AI score0.00133EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2023/09/26 12:0 a.m.40 views

Siemens InsydeH2O SMM Privilege Escalation (CVE-2021-43323)

An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in Syste...

8.2CVSS8.2AI score0.00133EPSS
Exploits0References4
Rows per page
Query Builder