
264 matches found

OSV
added 2024/12/16 7:15 p.m. · 0 views

CVE-2024-12661

A vulnerability was found in IObit Advanced SystemCare Ultimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack need...

6.8 CVSS · 4.5 AI score · 0.00017 EPSS
Exploits 1 · References 4

NVD
added 2024/11/05 6:15 p.m. · 14 views

CVE-2024-50122

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

5.5 CVSS · 0.00033 EPSS
Exploits 0 · References 2

CVE
added 2024/11/05 5:10 p.m. · 83 views

CVE-2024-50122

CVE-2024-50122 is a Linux kernel vulnerability in the PCI subsystem (power control code) where a race between the power-control device rescanning and host controller probe can leave two incomplete devices and trigger a crash when removing the device via sysfs. The root cause is not fully detailed...

5.5 CVSS · 5.2 AI score · 0.00033 EPSS
Exploits 0 · References 2 · Affected Software 1

VulnCheck KEV
added 2024/07/16 12:0 a.m. · 0 views

VulnCheck KEV: CVE-2024-1853

Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers...

5.5 CVSS · 5.8 AI score · 0.00033 EPSS
Exploits 0 · References 1

OSV
added 2024/07/08 4:15 p.m. · 1 views

CVE-2023-49595

A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2 CVSS · 6.3 AI score
Exploits 0 · References 2

CNNVD
added 2024/07/08 12:0 a.m. · 1 views

Realtek rtl819x Jungle SDK Security Vulnerability

The Realtek rtl819x Jungle SDK is a driver for a wireless LAN chip from China-based Realtek Semiconductor Realtek. A security vulnerability exists in Realtek rtl819x Jungle SDK version v3.4.11, which stems from a stack-based buffer overflow vulnerability in the boa rollbackcontrolcode function...

7.2 CVSS · 7.3 AI score · 0.00528 EPSS
Exploits 0 · References 2

OSV
added 2024/02/13 3:15 p.m. · 2 views

CVE-2024-23440

Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from an arbitrary user-supplied pointer...

7.1 CVSS · 5.9 AI score
Exploits 0 · References 2

Positive Technologies
added 2024/02/13 12:0 a.m. · 5 views

PT-2024-19870 · Unknown · Vba32M64.Sys +1

Name of the Vulnerable Software and Affected Versions: Vba32 Antivirus version 3.36.0 Description: The issue concerns an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows reading up to 0x802 of memory from an arbitrary user-supplied pointer...

7.1 CVSS · 7.5 AI score · 0.00029 EPSS
Exploits 0 · References 7

Zero Day Initiative
added 2024/02/09 12:0 a.m. · 10 views

Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of Struts. The issue results from improper access control. An attacker can...

9.8 CVSS · 7.8 AI score · 0.02414 EPSS
Exploits 0 · References 1

CNNVD
added 2024/01/29 12:0 a.m. · 1 views

VirusBlokAda VBA32 Resource Management Error Vulnerability

VirusBlokAda VBA32 is an anti-virus software from the Belarusian company VirusBlokAda. It is used for personal computers running Microsoft Windows. It detects and eliminates computer viruses, computer worms, Trojan horses and other malware backdoors, adware, spyware, etc. in real time on demand...

5.5 CVSS · 6.6 AI score · 0.00025 EPSS
Exploits 1 · References 3

CNNVD
added 2023/11/06 12:0 a.m. · 2 views

Netskope Security Vulnerability

Netskope is a threat protection gateway for cloud environments from US-based Netskope. A security vulnerability exists in Netskope Client R100 and prior versions, which stems from a Windows ServiceController call to user control code that does not validate the privileges associated with the user...

8.8 CVSS · 6.9 AI score · 0.00081 EPSS
Exploits 0 · References 2

OSV
added 2023/09/08 2:15 a.m. · 1 views

CVE-2021-33834

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...

7.1 CVSS · 6 AI score
Exploits 0 · References 2

OSV
added 2023/05/24 6:15 p.m. · 1 views

CVE-2023-2873

A vulnerability classified as critical was found in Twister Antivirus 8. This vulnerability affects the function 0x804f2143/0x804f217f/0x804f214b/0x80800043 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Local access is required to...

7.8 CVSS · 5 AI score · 0.00232 EPSS
Exploits 1 · References 4

Positive Technologies
added 2023/05/24 12:0 a.m. · 2 views

PT-2023-21929 · Unknown · Twister Antivirus

Name of the Vulnerable Software and Affected Versions: Twister Antivirus version 8 Description: A problematic issue has been found in the function 0x804f2158/0x804f2154/0x804f2150/0x804f215c/0x804f2160/0x80800040/0x804f214c/0x804f2148/0x804f2144/0x801120e4/0x804f213c/0x804f2140 in the library...

5.5 CVSS · 7 AI score · 0.00101 EPSS
Exploits 1 · References 7

Positive Technologies
added 2023/05/24 12:0 a.m. · 3 views

PT-2023-2908 · Flexihub · Flexihub

Name of the Vulnerable Software and Affected Versions: FlexiHub version 5.5.14691.0 Description: A problematic vulnerability has been found in the library fusbhub.sys of the component IoControlCode Handler, affecting the function 0x220088. This leads to a null pointer dereference. The attack must...

5.5 CVSS · 6.8 AI score · 0.00063 EPSS
Exploits 1 · References 8

Oracle linux
added 2023/05/17 12:0 a.m. · 34 views

curl security update

7.76.1-23.el92.1 - fix FTP too eager connection reuse CVE-2023-27535 7.76.1-23 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.76.1-22 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.76.1-21 - fix POST following PUT confusion CVE-2022-32221...

9.8 CVSS · 8.7 AI score · 0.01853 EPSS
Exploits 5

RedHat Linux
added 2023/05/16 9:2 a.m. · 51 views

Low: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

5.9 CVSS · 6.7 AI score · 0.00289 EPSS
Exploits 2 · References 6

Oracle linux
added 2023/05/15 12:0 a.m. · 51 views

curl security update

7.76.1-23 - fix HTTP multi-header compression denial of service CVE-2023-23916 7.76.1-22 - smb/telnet: fix use-after-free when HTTP proxy denies tunnel CVE-2022-43552 7.76.1-21 - fix POST following PUT confusion CVE-2022-32221 7.76.1-20 - control code in cookie denial of service CVE-2022-35252...

9.8 CVSS · 7.2 AI score · 0.01853 EPSS
Exploits 4

RedHat Linux
added 2023/05/09 9:51 a.m. · 52 views

Low: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

5.9 CVSS · 6.7 AI score · 0.00289 EPSS
Exploits 2 · References 4

AlmaLinux
added 2023/05/09 12:0 a.m. · 108 views

Low: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP pro...

5.9 CVSS · 7 AI score · 0.00289 EPSS
Exploits 2 · References 6