An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, callback function SmmCreateVariableLockList () calls CreateVariableLockListInSmm (). In CreateVariableLockListInSmm (), it uses StrSize () to get variable name size and it could lead to a buffer over-read.
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SmmUpdateVariablePropertySmi () is a SMM callback function and it uses StrCmp () to compare variable names. This action may cause a buffer over-read.
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.
Information disclosure while parsing the OCI IE with invalid length.
Information disclosure while handling T2LM Action Frame in WLAN Host.
Information disclosure while handling beacon probe frame during scan entry generation in client side.
INformation disclosure while handling Multi-link IE in beacon frame.
Information disclosure in Video while parsing mp2 clip with invalid section length.
Information disclosure in modem due to buffer over-red while performing checksum of packet received
Windows NFS Portmapper Information Disclosure Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.
Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
Information disclosure while handling beacon or probe response frame in STA.
Information disclosure while handling SA query action frame.
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
Information disclosure due to buffer over-read in Modem while parsing DNS hostname.
Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
Information disclosure due to buffer over-read in modem while reading configuration parameters.
Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets.
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet
Information disclosure in modem due to buffer over read in dns client due to missing length check
Information disclosure in modem due to improper check of IP type while processing DNS server query
Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message
Information disclosure in modem due to buffer over-read while processing response from DNS server
DHCP Server Service Information Disclosure Vulnerability
Information disclosure due to buffer over-read while parsing DNS response packets in Modem.