25 matches found
EUVD-2009-1819
Malware in sbrugna...
EUVD-2024-52766
Malicious code in bioql PyPI...
CVE-2025-1055
A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected ...
CVE-2024-55411
An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests...
CVE-2024-55411
CVE-2024-55411 affects the SUNIX Multi I/O Card, specifically the snxpcamd.sys driver (v10.1.0.0). The vulnerability allows an attacker to perform arbitrary read and write actions by sending crafted IOCTL requests to the affected driver. The root cause is exploitation of IOCTL handling within snx...
CVE-2024-55411
An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests...
CVE-2024-55408
An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver when crafted IOCTL requests are supplied...
CVE-2024-39251
An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests...
CVE-2024-33228
An issue in the component segwindrvx64.sys of Insyde Software Corp SEG Windows Driver v100.00.07.02 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...
CVE-2024-33225
An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtekr High Definition Audio Function Driver v6.0.9549.1 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...
CVE-2024-33224
An issue in the component rtkio64.sys of Realtek Semiconductor Corp Realtek lO Driver v1.008.0823.2017 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...
CVE-2024-33228
CVE-2024-33228 affects Insyde Software SEG Windows Driver (v100.00.07.02), specifically the segwindrvx64.sys component. The issue allows local attackers to escalate privileges and execute arbitrary code by sending crafted IOCTL requests. Impact is described as high (privilege escalation, code exe...
CVE-2024-33226
CVE-2024-33226 affects Wistron Corporation TBT Force Power Control v1.0.0.0 via the Access64.sys component. The root cause is access-control/IOCTL handling that enables privilege escalation and arbitrary code execution when a crafted IOCTL request is sent. Public references in the connected docum...
CVE-2024-33221
An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...
CVE-2024-33223
CVE-2024-33223 affects ASUS GPU TweakII v1.4.5.2; the issue lies in the IOMap64.sys component, enabling attackers to escalate privileges and execute arbitrary code by sending crafted IOCTL requests. Mitigation from PT-Security recommends disabling IOMap64.sys until a patch is available. Documenta...
CVE-2024-33222
CVE-2024-33222 affects the ASUS ATSZIO Driver (v0.2.1.7) via its ATSZIO64.sys component. The issue enables local privilege escalation and arbitrary code execution by sending crafted IOCTL requests. Public sources in connected documents confirm the affected driver and the vulnerability’s nature; e...
CVE-2024-33219
CVE-2024-33219 affects the AsIO64.sys component in ASUSTeK (ASUS) SABERTOOTH X99 Driver v1.0.1.0. The issue allows local privilege escalation and arbitrary code execution via specially crafted IOCTL requests, with a CVSS v3.1 base score of 7.8 (Impact: Confidentiality, Integrity, Availability Hig...
CVE-2024-30804
An issue discovered in the DeviceIoControl component in ASUS FanXpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests...
CVE-2024-30804
The affected product is ASUS Fan Xpert (versions prior to 10013). The vulnerability lies in the DeviceIoControl handling, with a likely buffer overflow in the AsInsHelp64.sys driver that enables arbitrary code execution via crafted IOCTL requests. Exploitation details are present in connected doc...
CVE-2024-30804
An issue discovered in the DeviceIoControl component in ASUS FanXpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests...