12 matches found
CVE-2025-11156
Netskope was notified about a potential gap in its agent NS Client on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash...
CVE-2025-11156
CVE-2025-11156 affects the Netskope NS Client on Windows. A local, authenticated user with Administrator privileges can improperly load the NS Client driver as a generic kernel service, triggering a system crash (Blue Screen of Death) and a Denial of Service on the affected machine. The descripti...
CVE-2025-11156 Improper Service Loading Vulnerability in Netskope Endpoint DLP Driver
Netskope was notified about a potential gap in its agent NS Client on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash...
EUVD-2025-199877
Netskope was notified about a potential gap in its agent NS Client on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash...
CVE-2025-11156 Improper Service Loading Vulnerability in Netskope Endpoint DLP Driver
Netskope was notified about a potential gap in its agent NS Client on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash...
PT-2025-48334
Netskope was notified about a potential gap in its agent NS Client on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash...
CVE-2016-0859
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted RPC request...
CVE-2016-0859
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted RPC request...
Integer overflow
Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted RPC request...
CVE-2016-0859
Summary: CVE-2016-0859 affects Advantech WebAccess before 8.1. The vulnerability is an integer overflow in the Kernel service that can be triggered by a crafted RPC request, leading to remote code execution or a denial of service (stack-based buffer overflow). Affected product/version: WebAccess ...
CVE-2004-1193
Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable...
TOCTOU with NT System Service Hooking
TOCTOU Time-Of-Check-to-Time-Of-Use problem is known for a while 1. Nevertheless such bugs are still not uncommon. That is more or less acceptable for general software but not for security products. I believe there are drivers that hook kernel system services by well known technique 2,3,4. Those...