SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability

Talos Vulnerability Report TALOS-2020-1122 SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability August 4, 2020 CVE Number CVE-2020-13523 SUMMARY An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I...

Solving Uninitialized Kernel Pool Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our...

Solving Uninitialized Kernel Pool Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our...

Solving Uninitialized Kernel Pool Memory on Windows

This blog post outlines the work that Microsoft is doing to eliminate uninitialized kernel pool memory vulnerabilities from Windows and why we’re on this path. For a background on why uninitialized memory matters and what options have been used in the past to tackle this issue, please see our...

PRTG Network Monitor < 19.4.53.1912 Multiple Vulnerabilities

PRTG Network Monitor is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...

Critical Patch Released for 'Wormable' SMBv3 Vulnerability — Install It ASAP!

Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to another automatically. The vulnerability, track...

Exploit for Use After Free in Microsoft

CVE-2019-0708 BlueKeep Currently, I public only the explo...

Code injection

An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcapsendqueuequeue or pcapsendqueuetransmit results in kernel pool corruption. This could lead to arbitrary code executing inside the Windows kernel and allow escalation of privileges...

CVE-2019-11490

An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcapsendqueuequeue or pcapsendqueuetransmit results in kernel pool corruption. This could lead to arbitrary code executing inside the Windows kernel and allow escalation of privileges...

CVE-2019-11490

An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcapsendqueuequeue or pcapsendqueuetransmit results in kernel pool corruption. This could lead to arbitrary code executing inside the Windows kernel and allow escalation of privileges...

CVE-2019-11490

Npcap 0.992 is affected by CVE-2019-11490. Sending a malformed .pcap to the loopback adapter via pcap_sendqueue_queue() or pcap_sendqueue_transmit() can cause kernel pool corruption, enabling arbitrary code execution inside the Windows kernel and resulting in privilege escalation. No remediation ...

CVE-2019-6493

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

CVE-2019-6493

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

Design/Logic Flaw

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

CVE-2019-6493

CVE-2019-6493 affects IObit Smart Defrag 6 (SmartDefragDriver.sys, v2.0). The issue arises because the driver never frees an executable kernel pool allocated with user-defined bytes and size when IOCTL 0x9C401CC0 is invoked, allowing a leak of a kernel pointer if the pool becomes a “big” pool. Co...

CVE-2019-6493

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

CVE-2019-6492

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

CVE-2019-6492

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

Null pointer dereference

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...

CVE-2019-6492

SmartDefragDriver.sys 2.0 in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool...