11 matches found
EUVD-2018-17487
Malware in sbrugna...
CVE-2024-53034
CVE-2024-53034 affects Qualcomm chipsets’ DSP_Services, where memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with DriverKnownEscape flag reset. Root cause: memory corruption in the Escape handling path when invalid kernel-event...
Dell DBUtil_2_3.sys IOCTL Memory Read / Write Exploit
The DBUtil23.sys driver distributed by Dell exposes an unprotected IOCTL interface that can be abused by an attacker to read and write kernel-mode memory. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
CVE-2018-5718
Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service BSOD or modify kernel-mode...
Out-of-bounds
Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service BSOD or modify kernel-mode...
CVE-2018-5718
The CVE affects SafeN’Sec SoftControl/SafenSoft products: SysWatch, TPSecure, and Enterprise Suite, where snscore.sys allows improper restriction of write operations within memory buffer bounds. The root cause is improper buffer-boundary checks in snscore.sys, enabling a local attacker to cause a denial o...
CVE-2018-5718
Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service BSOD or modify kernel-mode...
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool...
Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads Exploit
Exploit for Windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=382&can=1 We have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files, such as: ---...
Microsoft Windows 2000 Lanman Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/4532/info An issue has been discovered in Windows 2000, which could cause a denial of system services. Submitting malformed data to port 445 could cause the Lanman service to consume high CPU and Kernel mode memory usage....
eset-escalate.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : ESET Smart Security 3.0.667.0 Class : Privilege escalation Published : 2008-08-14 Credit : g g orange-bat com - - Details - File: easdrv.sys .text:00012B92 loc12B92: .text:00012B92 push ebp+InputBuf .text:00012B95 call...