📦 Kernel

This vulnerability in InsydeH2O UEFI firmware allows attackers to bypass input validation in the VariableRuntimeDxe driver's SecureBootHandler. Attackers can supply untrusted DataSize and VariableName...

CVE-2021-38578 is a buffer underflow vulnerability in Tianocore EDK II's System Management Mode (SMM) entry point that allows attackers to corrupt SMRAM memory. This affects systems using vulnerable U...

This vulnerability allows attackers to perform arbitrary writes in DXE memory by manipulating NVRAM variables, potentially leading to arbitrary code execution. It affects Insyde InsydeH2O firmware wit...