Filtered by vendor Insyde
Subscriptions
Filtered by product H2offt
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33834 | 1 Insyde | 2 H2offt, Iscflashx64.sys | 2024-11-21 | 7.1 High |
| An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash. | ||||
| CVE-2019-12532 | 1 Insyde | 6 H2oelv, H2offt, H2ooae and 3 more | 2024-11-21 | 7.8 High |
| Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.02~5.28, 100.00.00.00~100.00.08.23 and 200.00.00.01~200.00.00.05, H2OOAE before version 200.00.00.02, H2OSDE before version 200.00.00.07, H2OUVE before version 200.00.02.02, H2OPCM before version 100.00.06.00, H2OELV before version 100.00.02.08. | ||||
Page 1 of 1.