Lucene search
K

128 matches found

Prion
Prion
added 2022/02/18 6:15 p.m.15 views

Design/Logic Flaw

A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service system crash. IOCTL list: iobitioctl = 0x8001e01c, 0x8001e020, 0x8001e024,...

7.2CVSS8AI score0.00404EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/02/18 5:25 p.m.18 views

CVE-2021-44968

A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service system crash. IOCTL list: iobitioctl = 0x8001e01c, 0x8001e020, 0x8001e024,...

8.2AI score0.00404EPSS
Exploits1References1
CVE
CVE
added 2022/02/18 5:25 p.m.61 views

CVE-2021-44968

CVE-2021-44968 affects IObit Advanced SystemCare 15 Pro. A Use-after-Free vulnerability arises when requests are sent in sequence using the IOCTL driver codes, potentially allowing arbitrary code execution or a system crash. IOCTLs implicated include 0x8001e01c, 0x8001e020, 0x8001e024, 0x8001e040...

7.8CVSS8AI score0.00404EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/02/18 12:0 a.m.3 views

IObit Advanced SystemCare 资源管理错误漏洞

IObit Advanced SystemCare is a system management utility from IObit UK. The program is mainly used for scanning, repairing and optimizing the system, among other things. IObit Advanced SystemCare 15 pro suffers from a resource management error vulnerability that originates from sending requests...

7.8CVSS7.9AI score0.00404EPSS
Exploits1References2
NVD
NVD
added 2021/08/05 9:15 p.m.19 views

CVE-2021-21785

An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

6.5CVSS0.00336EPSS
Exploits1References1
NVD
NVD
added 2021/08/05 9:15 p.m.12 views

CVE-2021-21791

An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive information...

6.5CVSS0.00336EPSS
Exploits1References1
Prion
Prion
added 2021/08/05 9:15 p.m.16 views

Information disclosure

An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

2.1CVSS5.1AI score0.00336EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/08/05 9:15 p.m.17 views

Information disclosure

An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive information...

2.1CVSS5AI score0.0034EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/05 8:6 p.m.20 views

CVE-2021-21785

An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...

6.5CVSS5.4AI score0.00336EPSS
Exploits1References1
CVE
CVE
added 2021/08/05 8:6 p.m.60 views

CVE-2021-21785

The CVE-2021-21785 issue affects IOBit Advanced SystemCare Ultimate 14.2.0.220. TALOS details show an information-disclosure vulnerability in IOCTL 0x9c40a148, where unprivileged user data reaches HalSetBusDataByOffset via IRP handling, enabling read of device configuration and registers and thus...

6.5CVSS5.1AI score0.00336EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/05 8:5 p.m.35 views

CVE-2021-21791

An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive information...

6.5CVSS5.3AI score0.00336EPSS
Exploits1References1
CVE
CVE
added 2021/08/05 8:4 p.m.63 views

CVE-2021-21790

The CVE-2021-21790 issue affects IOBit Advanced SystemCare Ultimate 14.2.0.220: a flaw in the driver’s handling of Privileged I/O read requests allows a local attacker to trigger privileged reads from the kernel via crafted IRPs, potentially disclosing sensitive kernel data. TALOS details cover C...

6.5CVSS5AI score0.00336EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2021/07/07 5:15 p.m.18 views

CVE-2021-21787

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via...

8.8CVSS0.00338EPSS
Exploits1References1
NVD
NVD
added 2021/07/07 5:15 p.m.10 views

CVE-2021-21788

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via...

8.8CVSS0.00321EPSS
Exploits1References1
NVD
NVD
added 2021/07/07 5:15 p.m.13 views

CVE-2021-21786

A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability...

8.8CVSS0.00295EPSS
Exploits1References1
Prion
Prion
added 2021/07/07 5:15 p.m.12 views

Privilege escalation

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via...

4.6CVSS8.8AI score0.00321EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/07 4:49 p.m.14 views

CVE-2021-21786

A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability...

8.8CVSS7.9AI score0.00295EPSS
Exploits1References1
CVE
CVE
added 2021/07/07 4:49 p.m.55 views

CVE-2021-21786

CVE-2021-21786 affects IOBit Advanced SystemCare Ultimate 14.2.0.220. The IOCTL 0x9c406144 handler processes untrusted input via IRP, calling HalGetBusDataByOffset with unconstrained data, allowing an unprivileged user to escalate privileges. TALOS-2021-1253 documents a local privilege-escalation...

8.8CVSS7.7AI score0.00295EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/07 4:40 p.m.56 views

CVE-2021-21789

Summary: CVE-2021-21789 concerns a privilege-escalation vulnerability in IOBit Advanced SystemCare Ultimate 14.2.0.220’s driver. The issue arises in the driver’s handling of Privileged I/O write requests via IOCTL 0x9c40a0e0, where the first dword of the input buffer is the target device port and...

8.8CVSS8.7AI score0.00321EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/07 4:40 p.m.22 views

CVE-2021-21789

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via...

8.8CVSS9AI score0.00321EPSS
Exploits1References1
Rows per page
Query Builder