CVE-2019-7630

An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...

EUVD-2019-17163

Malware in sbrugna...

Malicious code in @tiktok-frontend/app-center-connect (npm)

The package @tiktok-frontend/app-center-connect was found to contain malicious code...

Malicious code in @avocado-team/app-center-sdk-for-white-team (npm)

The package @avocado-team/app-center-sdk-for-white-team was found to contain malicious code...

Malicious code in @avocado-team/app-center-app-widget (npm)

The package @avocado-team/app-center-app-widget was found to contain malicious code...

MAL-2025-7102 Malicious code in @avocado-team/app-center-app-widget (npm)

The package @avocado-team/app-center-app-widget was found to contain malicious code...

MAL-2025-7104 Malicious code in @avocado-team/app-center-sdk-for-white-team (npm)

The package @avocado-team/app-center-sdk-for-white-team was found to contain malicious code...

Malicious code in @amber-team/app-center-utils (npm)

The package @amber-team/app-center-utils was found to contain malicious code...

MAL-2025-9564 Malicious code in @tiktok-frontend/app-center-connect (npm)

The package @tiktok-frontend/app-center-connect was found to contain malicious code...

MAL-2025-7103 Malicious code in @avocado-team/app-center-mini-landing (npm)

The package @avocado-team/app-center-mini-landing was found to contain malicious code...

MAL-2025-7049 Malicious code in @amber-team/app-center-utils (npm)

The package @amber-team/app-center-utils was found to contain malicious code...

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023...

GIGABYTE APP Center < 19.4.22.1 Multiple Vulnerabilities

The version of GIGABYTE APP Center installed on the remote host is prior to 19.4.22.1. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.5...

GIGABYTE OC GURU II 2.08 Multiple Vulnerabilities

The version of GIGABYTE OC GURU II installed on the remote host is 2.08. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMI...

GIGABYTE APP CENTER Installed (Windows)

Binary data gigabyteappcenterwininstalled.nbin...

GIGABYTE Multiple Products Privilege Escalation Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges...

GIGABYTE Multiple Products Code Execution Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges...

VulnCheck KEV: CVE-2018-19321

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges...

GIGABYTE Multiple Products Privilege Escalation Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges...

CVE-2021-38681

A reflected cross-site scripting XSS vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security pat...