CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2020/06/23 7:7 p.m.•41 views

CVE-2020-14974

The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes even ones running as SYSTEM that hold a handle, via IOCTL code 0x222124...

7AI score0.00897EPSS

CVE•added 2020/06/23 7:6 p.m.•52 views

CVE-2020-14975

CVE-2020-14975 concerns the IOBit Unlocker 1.1.2 driver. The vulnerability allows a low-privilege user to delete, move, or copy arbitrary files through IOCTL code 0x222124. The issue is tied to the driver’s handling of that IOCTL, per multiple connected sources (e.g., NVD/Red Hat/CNVD listings) d...

7.8CVSS7.6AI score0.00598EPSS

Cvelist•added 2020/06/23 7:6 p.m.•30 views

CVE-2020-14975

The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124...

7.7AI score0.00598EPSS

NVD•added 2020/06/22 9:15 p.m.•14 views

CVE-2020-14990

IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link...

7.1CVSS0.00507EPSS

Prion•added 2020/06/22 9:15 p.m.•14 views

Arbitrary file deletion

3.6CVSS7AI score0.00507EPSS

CVE•added 2020/06/22 8:53 p.m.•43 views

CVE-2020-14990

CVE-2020-14990 affects IOBit Advanced SystemCare Free 13.5.0.263. Local attackers can gain privileges to delete files by manipulating the Clean & Optimize feature using an NTFS junction and an Object Manager symbolic link. The description explicitly links the vulnerability to local privilege esca...

7.1CVSS7AI score0.00507EPSS

Cvelist•added 2020/06/22 8:53 p.m.•12 views

CVE-2020-14990

7.1AI score0.00507EPSS

Packet Storm•added 2020/06/04 12:0 a.m.•244 views

IObit Uninstaller 9.5.0.15 Unquoted Service Path

Title: IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path Author: Gobinathan L Date: 2020-06-03 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.5.0.15 Tested on: Windows 10 64bitEN About Unquoted Servic...

0.2AI score

0day.today•added 2020/06/04 12:0 a.m.•46 views

IObit Uninstaller 9.5.0.15 - (IObit Uninstaller Service) Unquoted Service Path Vulnerability

Title: IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path Author: Gobinathan L Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.5.0.15 Tested on: Windows 10 64bitEN About Unquoted Service Path :...

0.1AI score

0day.today•added 2019/10/23 12:0 a.m.•87 views

IObit Uninstaller 9.1.0.8 - (IObitUnSvr) Unquoted Service Path Vulnerability

Title: IObit Uninstaller 9.1.0.8 - 'IObitUnSvr' Unquoted Service Path Author: Sainadh Jamalpur Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.1.0.8 Tested on: Windows 10 64bitEN CVE : N/A 1. Description: Unquoted service paths in...

0.2AI score

Packet Storm•added 2019/10/23 12:0 a.m.•154 views

IObit Uninstaller 9.1.0.8 IObitUnSvr Unquoted Service Path

Title: IObit Uninstaller 9.1.0.8 - 'IObitUnSvr' Unquoted Service Path Author: Sainadh Jamalpur Date: 2019-10-22 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.1.0.8 Tested on: Windows 10 64bitEN CVE : N/A 1. Description: Unquoted...

0.1AI score

exploitpack•added 2019/10/23 12:0 a.m.•19 views

IObit Uninstaller 9.1.0.8 - IObitUnSvr Unquoted Service Path

IObit Uninstaller 9.1.0.8 - IObitUnSvr Unquoted Service Path Title: IObit Uninstaller 9.1.0.8 - 'IObitUnSvr' Unquoted Service Path Author: Sainadh Jamalpur Date: 2019-10-22 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.1.0.8...

0.1AI score

OSV•added 2019/04/30 3:29 p.m.•2 views

CVE-2019-6494

IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privileged user to send IOCTL 0x8016E000 along with a user defined string to a file; that file will be promptly deleted regardless of access controls...

6.5CVSS6.6AI score0.01107EPSS

Exploits1References1

NVD•added 2019/04/30 3:29 p.m.•16 views

CVE-2019-6494

6.5CVSS6.3AI score0.01107EPSS

Exploits1References1

Prion•added 2019/04/30 3:29 p.m.•17 views

Design/Logic Flaw

5.5CVSS6.3AI score0.01107EPSS

Exploits1References1Affected Software1

CVE•added 2019/04/30 2:24 p.m.•56 views

CVE-2019-6494

CVE-2019-6494 concerns IMFForceDelete.sys in IObit Malware Fighter 6.2. A low-privileged user can send IOCTL 0x8016E000 with a user-supplied string to a file, causing that file to be deleted regardless of access controls. The connected Red Hat and NVD entries corroborate the same description acro...

6.5CVSS6.3AI score0.01107EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/04/30 2:24 p.m.•21 views

CVE-2019-6494

6.4AI score0.01107EPSS

Exploits1References1

Prion•added 2019/04/11 8:29 p.m.•11 views

Design/Logic Flaw

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

2.1CVSS5.4AI score0.0049EPSS

CVE•added 2019/04/11 7:34 p.m.•49 views

CVE-2019-6493

CVE-2019-6493 affects IObit Smart Defrag 6 (SmartDefragDriver.sys, v2.0). The issue arises because the driver never frees an executable kernel pool allocated with user-defined bytes and size when IOCTL 0x9C401CC0 is invoked, allowing a leak of a kernel pointer if the pool becomes a “big” pool. Co...

5.5CVSS5.3AI score0.0049EPSS