31 matches found
K53214222: midi kernel driver vulnerability CVE-2018-10902
Security Advisory Description It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local...
VulnCheck KEV: CVE-2021-28664
Arm Mali Graphics Processing Unit GPU kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes...
The vulnerability of the VFIO PCI kernel driver for Linux operating systems, related to insufficient handling of exceptional conditions, allows a hacker to trigger a service failure.
The vulnerability of the VFIO PCI kernel driver in the Linux operating system is related to insufficient handling of exceptional conditions. Exploiting this vulnerability can allow an attacker to cause a service failure...
Remote code execution
An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers MSRs. This could lead to arbitrary Ring-0 code execution and escalation of...
FinalWire AIDA64 Code Execution Vulnerability
FinalWire AIDA64 is a system information, diagnostic and auditing program from the Hungarian company FinalWire that runs on the Microsoft Windows platform. A security vulnerability exists in the kerneld.sys file in FinalWire AIDA64 versions prior to 5.99. An attacker can exploit the vulnerability...
Denial of Service Vulnerability in NSecKrnl32 Driver of Wei-Eye Computerized Supervisory System of Shandong Anzai Information Technology Co.
PowerEye Computer Supervision System is a professional company computer monitoring and LAN monitoring software. It monitors computer screens and also manages users' online behavior. The NSecKrnl32 driver of Shandong Anzai Information Technology Co., Ltd. has a denial of service vulnerability that...
Jiangmin Antivirus Denial of Service Vulnerability (CNVD-2018-03290)
Jiangmin Antivirus is a set of online antivirus software from the Chinese Jiangmin Jiangmin New Technology Company. A security vulnerability exists in the KrnlCall.sys driver file in Jiangmin Antivirus version 16.0.0.100, which is caused by the program failing to validate the input value of IOCtl...
CVE-2017-17803
In TG Soft Vir.IT eXplorer Lite 8.5.65, the driver file VIRAGTLT.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x82736068, a different vulnerability than CVE-2017-17475...
The vulnerability of Kaspersky Internet Security’s antivirus protection allows a hacker to trigger a service failure.
The vulnerability of the KLIF driver in Kaspersky Internet Security’s antivirus protection system exists due to errors in the filtering of system calls. Exploiting this vulnerability could allow a malicious actor, operating locally, to cause a service failure by sending the API call...
360杀毒和360安全卫士内核驱动多个本地拒绝服务漏洞
BUGTRAQ ID: 39936 360杀毒和360安全卫士都是在中国广泛使用的免费杀毒软件。 360杀毒和360安全卫士所使用的profos.sys和360FkAdv.sys驱动没有正确地验证从用户空间所传送的进程对象指针,本地用户可以通过提交恶意的IOCTL请求导致内核崩溃。 奇虎360 360安全卫士 6.1.5.1010 奇虎360 360杀毒 1.1.0.1096 厂商补丁: 奇虎360 ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.360.cn/...
CVE-2009-2450
The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via crafted METHODNEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel addresses, as...