Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

275 matches found

Vulnrichment
Vulnrichmentadded 2024/06/10 12:0 a.m.12 views

CVE-2024-26507

An issue in FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, AIDA64 Network Audit v.7.00.6700 and before allows a local attacker to escalate privileges via the DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages components...

6.9AI score0.0007EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/06/10 12:0 a.m.24 views

CVE-2024-34332

An issue in SiSoftware SANDRA v31.66 SANDRA.sys 15.18.1.1 and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API...

0.00035EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/06/10 12:0 a.m.2 views

SiSoftware SANDRA Security Vulnerability

SiSoftware SANDRA is a benchmarking, system diagnostic and analysis tool from SiSoftware UK. A security vulnerability exists in SiSoftware SANDRA version 31.66 and earlier, which originates from an attacker who has elevated privileges by sending a crafted buffer to the kernel driver using the...

7.8CVSS6.8AI score0.00035EPSS
Exploits0References2
CVE
CVEadded 2024/06/10 12:0 a.m.49 views

CVE-2024-26507

The CVE-2024-26507 issue affects FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, and AIDA64 Network Audit v7.00.6700 and earlier. The vulnerability enables local privilege escalation via a DeviceIoControl call linked to MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLo...

7.8CVSS7.1AI score0.0007EPSS
Exploits0References1
NVD
NVDadded 2024/04/26 10:15 p.m.7 views

CVE-2024-30804

An issue discovered in the DeviceIoControl component in ASUS FanXpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests...

9.8CVSS7.4AI score0.00219EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/04/26 12:0 a.m.13 views

CVE-2024-30804

An issue discovered in the DeviceIoControl component in ASUS FanXpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests...

7.7AI score0.00219EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/04/26 12:0 a.m.13 views

CVE-2024-30804

An issue discovered in the DeviceIoControl component in ASUS FanXpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests...

7.8AI score0.00219EPSS
Exploits1References1
CVE
CVEadded 2024/04/26 12:0 a.m.72 views

CVE-2024-30804

The affected product is ASUS Fan Xpert (versions prior to 10013). The vulnerability lies in the DeviceIoControl handling, with a likely buffer overflow in the AsInsHelp64.sys driver that enables arbitrary code execution via crafted IOCTL requests. Exploitation details are present in connected doc...

9.8CVSS7.7AI score0.00219EPSS
Exploits1References1
Exploit DB
Exploit DBadded 2023/06/26 12:0 a.m.357 views

Windows 11 22h2 - Kernel Privilege Elevation

// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...

7.8CVSS8.8AI score0.08724EPSS
Exploits4
GithubExploit
GithubExploitadded 2023/04/05 2:5 a.m.537 views

Exploit for Untrusted Pointer Dereference in Microsoft

It is an exploit module targeting Apache HTTP Server. The target...

7.8CVSS8.6AI score0.74422EPSS
Exploits12
Gitee
Giteeadded 2021/11/18 9:46 p.m.4 views

OffensiveRust

This is a collection of Rust code snippets, each implementing a different type of exploit or malicious functionality. The code is organized into several subdirectories, each containing a specific exploit or tool. Here's a summary of the code and its functionality: 1. AllocateWithSyscalls: This co...

7.5AI score
Exploits0
0day.today
0day.todayadded 2021/09/23 12:0 a.m.170 views

Redragon Gaming Mouse - (REDRAGON_MOUSE.sys) Denial Of Service Exploit

Exploit Title: Redragon Gaming Mouse - 'REDRAGONMOUSE.sys' Denial-Of-Service PoC Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.redragonzone.com/pages/download Reference:...

7.4AI score
Exploits0
GithubExploit
GithubExploitadded 2021/06/21 1:59 a.m.426 views

Exploit for CVE-2021-29337

CVE-2021-29337 - Privilege Escalation in MODAPI.sys MSI Drago...

7.8CVSS7.5AI score0.00221EPSS
Exploits1
CNVD
CNVDadded 2021/04/12 12:0 a.m.4 views

ASUS GPUTweak II Buffer Overflow Vulnerability (CNVD-2021-28253)

ASUS GPUTweak II is a driver from ASUS China. It is used to drive more FPS. A buffer overflow vulnerability exists in ASUS GPUTweak II versions prior to 2.3.0.3, which allows a low-privileged user to obtain NT AUTHORITYSYSTEM privileges via DeviceIoControl. No details of the vulnerability are...

7.8CVSS7.1AI score0.00044EPSS
Exploits0References1
CNVD
CNVDadded 2021/04/12 12:0 a.m.5 views

ASUS GPUTweak II Buffer Overflow Vulnerability

ASUS GPUTweak II is a driver from ASUS China. It is used to drive more FPS. A buffer overflow vulnerability exists in ASUS GPUTweak II versions prior to 2.3.0.3, which allows a less privileged user to implement a denial of service via DeviceIoControl. No detailed vulnerability details are provide...

5.5CVSS7AI score0.00059EPSS
Exploits0References1
NVD
NVDadded 2021/04/08 11:15 a.m.13 views

CVE-2021-28685

AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process and to interact with MSR registers. This cou...

7.8CVSS0.00044EPSS
Exploits0References2
NVD
NVDadded 2021/04/08 11:15 a.m.11 views

CVE-2021-28686

AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl...

5.5CVSS0.00059EPSS
Exploits0References2
Prion
Prionadded 2021/04/08 11:15 a.m.13 views

Stack overflow

AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl...

2.1CVSS5.5AI score0.00059EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2021/04/08 11:15 a.m.3 views

CVE-2021-28685

AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process and to interact with MSR registers. This cou...

7.8CVSS5.2AI score0.00044EPSS
Exploits0References3
Prion
Prionadded 2021/04/08 11:15 a.m.17 views

Design/Logic Flaw

AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process and to interact with MSR registers. This cou...

7.2CVSS7.3AI score0.00044EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder