CVE-2021-47789 Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service (PoC)

Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash...

CVE-2021-47789

Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash...

PT-2026-3161

Name of the Vulnerable Software and Affected Versions Yenkee Hornet Gaming Mouse driver versions affected versions not specified Description The Yenkee Hornet Gaming Mouse driver, specifically the GM312Fltr.sys file, has a buffer overrun issue. An attacker can cause a system crash by sending an...

CVE-2025-51060

An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSRLSTAR and hook KiSystemCall64. Afterward,...

CVE-2025-21447

Memory corruption may occur while processing device IO control call for session control...

CVE-2025-21447

Memory corruption may occur while processing device IO control call for session control...

CVE-2025-21447 Improper Validation of Array Index in Computer Vision

Memory corruption may occur while processing device IO control call for session control...

CVE-2025-21447

CVE-2025-21447 affects Qualcomm Snapdragon chipsets. The issue is memory corruption occurring when processing a device IOCTL call for session control, caused by an underlying vulnerability in the IOCTL handling path. The provided sources (NVD/Red Hat/CVE record and related feeds) confirm the memo...

PT-2025-15217 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon and related products versions prior to the fixed version Description: Memory corruption may occur while processing device IO control call for session control. Recommendations: At the moment, there is no information about a...

PT-2024-25791 · Sisoftware · Sisoftware Sandra

Name of the Vulnerable Software and Affected Versions: SiSoftware SANDRA versions prior to v31.67 Description: An issue in SiSoftware SANDRA allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API. Recommendations: For...

VulnCheck KEV: CVE-2023-44976

Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023...

Information disclosure

RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosur...

CVE-2021-36925

RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure via a...

CVE-2021-36922

RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure via a crafted Device IO Control packet to a...

CVE-2021-28686

AsIO264.sys and AsIO232.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl...

Denial of Service Vulnerability in KsysCall.sys Driver of JM Firewall (CNVD-2018-24683)

Jiangmin Firewall is a network security protection tool designed to address the safety of individual users on the Internet, the product incorporates advanced network access dynamic monitoring technology to thoroughly solve the invasion of hacker attacks, Trojan horse programs and Internet viruses...

CVE-2018-18026

IMFCameraProtect.sys in IObit Malware Fighter 6.2 and possibly lower versions is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution...

Denial of Service Vulnerability in XPacket Driver for Fair's Personal Firewall Software

Fair Personal Firewall Pro is one of Fair Security Labs products. It provides a full range of network security protection for your computer. A security vulnerability exists in the XPacket.sys driver of Fair Personal Firewall Pro. An attacker can exploit this vulnerability by sending a 0x804D2190...

Denial of Service Vulnerability in filar Driver for Fertostat Security V7 Software

Fertostat Security V7 is a powerful antivirus with both anti-Trojan, anti-virus and anti-Rootkit features. A denial of service vulnerability exists in the filar.sys driver in Feltost Security V7, which can be exploited by an attacker to send a 0x80002018 request via the DeviceIoControl function t...

Jungo DriverWizard WinDriver Denial of Service Vulnerability (CNVD-2018-08676)

Jungo DriverWizard WinDriver is a PCI/USB device driver development tool from Israel's Jungo Connectivity. A denial of service vulnerability exists in windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0. An attacker can exploit this vulnerability to cause a denial of service blue screen of dea...