| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12053 | egwindrvx64.sys is potentially vulnerable to a buffer overflow | Insyde Software | InsydeH2O tools | High | 7.8 | 2026-01-14 01:27:12 | Deep Dive |
| CVE-2025-12052 | egwindrv.sys is potentially vulnerable to a buffer overflow. | Insyde Software | InsydeH2O tools | High | 7.8 | 2026-01-14 01:23:55 | Deep Dive |
| CVE-2025-12051 | H2OFFT64.sys is potentially vulnerable to a buffer overflow. | Insyde Software | InsydeH2O tools | High | 7.8 | 2026-01-14 01:17:55 | Deep Dive |
| CVE-2025-12050 | In H2OFFT32.sys is potentially vulnerable to a buffer overflow. | Insyde Software | InsydeH2O tools | High | 7.8 | 2026-01-14 01:13:33 | Deep Dive |
| CVE-2025-10451 | H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write) | Insyde Software | InsydeH2O | High | 8.2 | 2025-12-12 00:28:53 | Deep Dive |
| CVE-2025-4410 | SetupUtility: A buffer overflow vulnerability leads to arbitrary code execution. | Insyde Software | InsydeH2O | High | 7.5 | 2025-08-13 01:49:48 | Deep Dive |
| CVE-2025-4277 | Tcg2Smm: improper input validation may lead to arbitrary code execution | Insyde Software | InsydeH2O | High | 7.5 | 2025-08-13 01:46:23 | Deep Dive |
| CVE-2025-4276 | UsbCoreDxe: improper input validation may lead to arbitrary code execution | Insyde Software | InsydeH2O | High | 7.5 | 2025-08-13 01:41:57 | Deep Dive |
| CVE-2025-4426 | SetupAutomationSmm : SMRAM memory contents leak / information disclosure vulnerability in SMM module | Insyde Software | InsydeH2O | Medium | 6.0 | 2025-07-30 00:46:28 | Deep Dive |
| CVE-2025-4425 | SetupAutomationSmm: Stack overflow vulnerability in SMI handler | Insyde Software | InsydeH2O | High | 8.2 | 2025-07-30 00:45:33 | Deep Dive |
| CVE-2025-4424 | SetupAutomationSmm : Arbitrary calls to SmmSetVariable with unsanitised arguments in SMI handler | Insyde Software | InsydeH2O | Medium | 6.0 | 2025-07-30 00:43:54 | Deep Dive |
| CVE-2025-4423 | SetupAutomationSmm:Vulnerability in the SMM module allow attacker to write arbitrary code and lead to memory corruption | Insyde Software | InsydeH2O | High | 8.2 | 2025-07-30 00:42:02 | Deep Dive |
| CVE-2025-4422 | EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module | Insyde Software | InsydeH2O | High | 8.2 | 2025-07-30 00:40:48 | Deep Dive |
| CVE-2025-4421 | EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module | Insyde Software | InsydeH2O | High | 8.2 | 2025-07-30 00:39:28 | Deep Dive |
| CVE-2025-4275 | SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate | Insyde Software | InsydeH2O | High | 7.8 | 2025-06-11 00:25:18 | Deep Dive |