CVE-2024-10972

Velocidex WinPmem versions 4.1 and below suffer from an Improper Input Validation vulnerability whereby an attacker with admin access can trigger a BSOD with a parallel thread changing the memory’s access right under the control of the user-mode application. This is due to verification only being...

NDIS Packet Buffer Overflow Due To Allocation/Copy Inconsistencies

Description Reading driver source code is a challenge because despite things appearing to be a vulnerability, there might be a single overlooked comment in MSDN's documentation for an obscure function that ensures that something isn't a vulnerability - in light of this challenge, I'm going to wal...

Faronics Deep Freeze Arbitrary Code Execution Vulnerability

Faronics Deep Freeze Standard and Enterprise suffers from an arbitrary code execution vulnerability. Vulnerability title: Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise CVE: CVE-2014-2382 Vendor: Faronics Product: Deep Freeze Standard and Enterprise Affected version:...

symtdi. sys local privilege elevation vulnerability-vulnerability warning-the black bar safety net

The recent adoption of the disassembly analysis found a symantec of the vulnerability, this vulnerability is in symtdi.sys in the presence of, by the To the driver in the processing IRPMJDEVICECONTROL routine does not check the user passed a buffer address of legitimacy, Cause any kernel address ...