Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.2 views

SUSE CVE-2021-38578

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...

7.4CVSS6.7AI score0.00995EPSS
Exploits0References9
OSV
OSV
added 2022/01/06 12:15 a.m.3 views

CVE-2021-41842

An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer check...

9.8CVSS5.9AI score0.01534EPSS
Exploits0References2
OSV
OSV
added 2022/01/06 12:15 a.m.4 views

CVE-2021-45971

An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...

8.2CVSS6AI score0.00279EPSS
Exploits0References4
OSV
OSV
added 2021/10/01 3:15 a.m.4 views

CVE-2021-33626

A vulnerability exists in SMM System Management Mode branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointerQWORD values for CommBuffer. This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code executio...

7.8CVSS7.5AI score0.00297EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/09/30 12:0 a.m.6 views

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System.Insyde InsydeH2O suffers from a memory corruption vulnerability. InsydeH2O is vulnerable to memory corruptio...

7.8CVSS7.3AI score0.00297EPSS
Exploits0References7
Rows per page
Query Builder