Search Insyde.com

Insyde's Security Pledge

Recent Security Advisories

Security Advisory Archives

BIOS & BMC

InsydeH2O | June 10, 2025 : SA-2025002

Link	Summary	CVSS Score
INSYDE-SA-2025002	SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate.	7.8

InsydeH2O | June 10, 2025 : SA-2025001

Link	Summary	CVSS Score
INSYDE-SA-2025001	[OpenSSL]Timing side-channel in ECDSA signature computation.	Low

InsydeH2O | May 13, 2025 : SA-2024016

Link	Summary	CVSS Score
INSYDE-SA-2024016	VariableRuntimeDxe: Unsafe functions may cause buffer over-read.	5.3

InsydeH2O | April 8, 2025 : SA-2024021

Link	Summary	CVSS Score
INSYDE-SA-2024021	Howyar Reloader UEFI Application vulnerable to execution of unsigned software in a hardcoded path.	6.7

InsydeH2O | April 8, 2025 : SA-2024015

Link	Summary	CVSS Score
INSYDE-SA-2024015	AcpiS3SaveDxe/ChipsetSvcDxe: A potential DXE memory corruption vulnerability	7.2

Supervyse | February 11, 2025 : SA-2024017

Link	Summary	CVSS Score
INSYDE-SA-2024017	Upgrade curl to 8.11.1	3.7-5.3

InsydeH2O | February 11, 2025 : SA-2024014

Link	Summary	CVSS Score
INSYDE-SA-2024014	TcgMor: Potential memory leak vulnerability	5.3

InsydeH2O | November 12, 2024 : SA-2024007

Link	Summary	CVSS Score
INSYDE-SA-2024007	IhisiServiceSmm: A vulnerability in the module could allow an attacker to modify UEFI variables.	5.3

Supervyse | October 8, 2024 : SA-2024011

Link	Summary	CVSS Score
INSYDE-SA-2024011	Upgrade curl to v8.10.1.	See in Description

Supervyse | October 8, 2024 : SA-2024010

Link	Summary	CVSS Score
INSYDE-SA-2024010	Upgrade BIND to v9.18.28.	See in Description

Supervyse | September 10, 2024 : SA-2024009

Link	Summary	CVSS Score
INSYDE-SA-2024009	Upgrade OpenSSL to 3.2.1.	Low

InsydeH2O | September 10, 2024 : SA-2024006

Link	Summary	CVSS Score
INSYDE-SA-2024006	[EDK2] FirmwarePerformancePei: Potential UINT32 overflow and subsequent divide by 0.	5.3

Back to Security Pledge