Insyde's Security Pledge

Recent Security Advisories

Security Advisory Archives

BIOS & BMC

Link
Summary
CVSS Score
INSYDE-SA-2025010Buffer overflow vulnerabilities in the InsydeH2O tools.
7.8
Link
Summary
CVSS Score
INSYDE-SA-2025009H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write)
8.2
Link
Summary
CVSS Score
INSYDE-SA-2024003[EDK2]UsbKbDxe: Uncleared password keystrokes in circular queue might lead to information disclosure or escalation of privilege
5.6
Link
Summary
CVSS Score
INSYDE-SA-2025008[EDK2] Unsafe handling of IDT register on SMM entry allows arbitrary code execution with System Management Mode (SMM) privileges.
7
Link
Summary
CVSS Score
INSYDE-SA-2024022[EDK2] iSCSI Remote Memory Corruption and Denial of Service
6.3
Link
Summary
CVSS Score
INSYDE-SA-2025005UsbCoreDxe: improper input validation may lead to arbitrary code execution. Tcg2Smm: improper input validation may lead to arbitrary code execution. SetupUtility: A buffer overflow vulnerability leads to arbitrary code execution.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2025006Secure Boot Forbidden Signature Database, dbx, update.
See in Description
Link
Summary
CVSS Score
INSYDE-SA-2025004[EDK2] Remote Memory Exposure in iSCSI DXE
3.5
Link
Summary
CVSS Score
INSYDE-SA-2025007Vulnerabilities in the OEM specific feature.
6.0-8.2
Link
Summary
CVSS Score
INSYDE-SA-2025003[FreeType] Upgrade FreeType to v2.13.3
See description.
Link
Summary
CVSS Score
INSYDE-SA-2024018UsbCoreDxe: Improper input validation may cause arbitrary code execution.
7.5
Link
Summary
CVSS Score
INSYDE-SA-2024019[EDK2] Integer overflows in PeCoffLoaderRelocateImage.
5.9
Back to Security Pledge