20 matches found
EUVD-2020-29656
Malware in sbrugna...
CVE-2024-22002
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory...
The vulnerability of the iCUEUpdateService service in the CORSAIR iCUE management system allows a hacker to elevate their privileges.
The vulnerability of the iCUEUpdateService service in the CORSAIR iCUE management system is related to insufficient protection of service data due to the loading of dynamic libraries MSASN1.dll, NTASN1.dll, and profapi.dll into the \cuepkg-1.2.6 directory. Exploiting this vulnerability can allow...
CVE-2024-22002
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory...
CVE-2024-22002
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory...
CORSAIR iCUE Security Vulnerabilities
CORSAIR iCUE is a PC monitoring and RGB lighting control software from CORSAIR. It allows you to control and customize compatible RGB lighting devices, fans, keyboards, mice, headphones, and more. A security vulnerability exists in CORSAIR iCUE version 5.9.105 that originates from allowing an...
CVE-2024-22002
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory...
CVE-2024-22002
CORSAIR iCUE 5.9.105 on Windows is affected by a DLL hijacking vulnerability in the cuepkg-1.2.6 subdirectory used during updates by the iCUEUpdateService. An unprivileged user who can write to that directory can place a malicious DLL (e.g., MSASN1.dll, NTASN1.dll, profapi.dll) that will be loade...
PT-2024-6108 · Microsoft +1 · Ntasn1.Dll +3
Name of the Vulnerable Software and Affected Versions: CORSAIR iCUE version 5.9.105 Description: The issue is related to insufficient protection of service data due to the loading of dynamic libraries, including MSASN1.dll, NTASN1.dll, and profapi.dll, in the cuepkg-1.2.6 subdirectory of the...
CVE-2020-8808
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...
CVE-2020-8808
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...
CVE-2020-8808
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...
Memory corruption
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...
CVE-2020-8808
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...
CVE-2020-8808
The CVE concerns CORSAIR iCUE’s CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers. In versions prior to 3.25.60, local non-privileged users (including low-integrity processes) could read and write arbitrary physical memory via MmMapIoSpace, enabling elevation to NT AUTHORITY\SYSTEM. This vu...
PT-2020-20294
Name of the Vulnerable Software and Affected Versions CORSAIR iCUE versions prior to 3.25.60 Description The issue allows local non-privileged users to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITYSYSTEM privileges, via a function call such as...
CVE-2017-11362
In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformatparse.c does not restrict the locale length, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact within International...
Maximus.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The InfoGuard Group Vulnerability Summary 2006-04 Application: Maximus' iCue and iParent http://www.schoolmax.net Versions: All Bugs: Cross-Site Scripting XSS Date: 18 June 2006 Author: Charles H. E-mail: [email protected] Website:...
CVE-2006-3143
Cross-site scripting XSS vulnerability in icuelogin.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter...
CVE-2006-3143
The CVE CVE-2006-3143 affects Maximus SchoolMAX 4.0.1 and earlier iCue/iParent applications, where the icue_login.asp page is vulnerable to reflected cross-site scripting via the error_msg parameter. The underlying issue is improper handling of user-supplied input, allowing an attacker to inject ...