CVE-2023-39281

MEDIUM Year: 2023
CVSS v3 Score
5.7
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

Related Vulnerabilities

CVE-2020-0569

MEDIUM
CVSS:5.7(Medium)

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

CWE-7872020

CVE-2022-22312

MEDIUM
CVSS:5.7(Medium)

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Sy...

CWE-7872022

CVE-2022-22323

MEDIUM
CVSS:5.7(Medium)

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Sy...

CWE-7872022

CVE-2022-47364

MEDIUM
CVSS:5.7(Medium)

In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.

CWE-7872022

CVE-2022-47368

MEDIUM
CVSS:5.7(Medium)

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

CWE-7872022

CVE-2022-47369

MEDIUM
CVSS:5.7(Medium)

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

CWE-7872022