24 matches found
CVE-2026-3609 XIGNCODE3 xhunter1.sys kernel driver contains a Privilege Escalation Vulnerability
Wellbia's XIGNCODE3 xhunter1.sys kernel driver Privilege Escalation Vulnerability provides access to IRPMJREITS command interface, which allows any user process to request a PROCESSALLACCESS. Cross reference to KVE 2023-5589 https://krcert.or.kr...
EUVD-2018-15775
Malware in sbrugna...
EUVD-2018-15756
Malware in sbrugna...
EUVD-2018-15757
Malware in sbrugna...
Memory corruption
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
Design/Logic Flaw
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3990
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
CVE-2018-3990
CVE-2018-3990 concerns WIBU-SYSTEMS WibuKey.sys (Version 6.40, Build 2400). The vulnerability exists in the 0x8200E804 IOCTL handler; a specially crafted IRP can trigger a buffer overflow, causing kernel memory corruption and potentially privilege escalation. Talos reports this vulnerability can ...
CVE-2018-3989
CVE-2018-3989 affects WIBU-SYSTEMS WibuKey.sys (kernel driver) version 6.40 (Build 2400). A crafted IRP to IOCTL 0x8200E804 can cause the driver to return uninitialized kernel memory, producing kernel memory information disclosure. TALOS confirms this vulnerability vector and links it to the 0x82...
CVE-2018-3990
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability
Summary An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An...
Design/Logic Flaw
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
Design/Logic Flaw
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
CVE-2018-3970
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...
CVE-2018-3971
CVE-2018-3971 is a privilege-escalation flaw in Sophos HitmanPro.Alert (hmpalert.sys) 3.7.6.744, exploitable via IOCTL 0x2222CC. The vulnerability enables an attacker to perform an arbitrary write by supplying srcAddress, dstAddress, and srcSize; a write-what-where effect can copy data from the a...
CVE-2018-3970
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...
CVE-2018-3970
Sophos HitmanPro.Alert 3.7.6.744 contains an exploitable memory-disclosure vulnerability in the hmpalert IOCTL handler (0x222000). A crafted IRP/IOCTL request can leak kernel memory to user mode, as confirmed by TALOS-2018-0635 and related OpenVAS/PT-2018-16350 analyses. The issue affects the IOC...
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...