210 matches found
CVE-2024-0788
SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver...
Code injection
SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver...
CVE-2024-0788 SUPERAntiSpyware Pro X v10.0.1260 - Kernel-level API parameters manipulation
SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver...
CVE-2024-0788
SUPERAntiSpyware Pro X v10.0.1260 is affected by a kernel‑level vulnerability in the saskutil64.sys driver, allowing API parameter manipulation leading to Denial of Service via IOCTL code 0x9C402140. Exploitation details are not specified in the provided sources; at least one PT Security advisory...
CVE-2024-0788 SUPERAntiSpyware Pro X v10.0.1260 - Kernel-level API parameters manipulation
SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver...
Netatalk: Multiple Vulnerabilities including root remote code execution
Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description Multiple vulnerabilities have been discovered in...
CVE-2023-31096
An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS 17 and iPadOS 17, which originates from an application that may be able to...
How Apple fixed what Microsoft hasn't, with Thomas Reed: Lock and Code S04E16
Earlier this month, a group of hackers was spotted using a set of malicious tools--that originally gained popularity with online video game cheaters--to hide their Windows-based malware from being detected. Sounds unique, right? Frustratingly, it isn't, as the specific security loophole that was...
PT-2022-27284 · Crowdstrike · Crowdstrike Falcon
Name of the Vulnerable Software and Affected Versions: CrowdStrike Falcon version 6.44.15806 Description: The issue allows an administrative attacker to uninstall Falcon Sensor, bypassing the intended protection mechanism that requires possessing a one-time token. The sensor is managed at the...
NVIDIA GPU Display Driver 代码问题漏洞
NVIDIA GPU Display Driver is a driver from NVIDIA Corporation that is used for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver that stems from a null pointer dereference issue at the kernel schema level, which...
Zero-day vulnerabilities fixed in Apple macOS, iOS and iPadOS
Apple, in an interim update, has fixed two zero-day 0day vulnerabilities fixed in macOS, iOS and iPadOS. A malicious person can exploit the vulnerabilities to execute arbitrary code. The most serious vulnerability, marked CVE-2022-32894, allows execution of code at the kernel level. Abuse of this...
The vulnerability of the kernel-level driver nvlddmkm.sys of the NVIDIA GPU Display Driver allows a attacker to cause a system failure and compromise data integrity.
The vulnerability of the kernel-level driver nvlddmkm.sys of the NVIDIA GPU Display Driver is related to insufficient input data validation. Exploiting this vulnerability can allow attackers to cause system failures and compromise data integrity...
Exploit for Race Condition in Apple Ipados
CVE-2021-30955 POC Proof of concept wrapped into an iOS app...
VulnCheck KEV: CVE-2017-15302
In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running...
CVE-2022-21907
HTTP Protocol Stack Remote Code Execution Vulnerability...
Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations
Cybersecurity researchers have proposed a novel approach that harnesses electromagnetic field emanations from the Internet of Things IoT devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation...
Microsoft Windows Event Tracing Remote Code Execution Vulnerability
Windows Event Tracing ETW is an efficient kernel-level tracing tool that allows you to log kernel- or application-defined events to a log file.Microsoft Windows Event Tracing is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...
Microsoft Windows Event Tracing 代码注入漏洞
Windows Event Tracing ETW is an efficient kernel-level tracing tool that allows you to log kernel- or application-defined events to a log file.Microsoft Windows Event Tracing is vulnerable to remote code execution. An attacker could exploit this vulnerability to execute code on the target host...
Apple macOS Flaw Allows Kernel-Level Compromise
Apple has patched a vulnerability in macOS can allow attackers to bypass a key OS protection and install a malicious rootkit to perform arbitrary operations on a device, researchers from Microsoft have discovered. The problem—dubbed “Shrootless”–is associated with a security technology called...