21 matches found
CVE-2025-64699
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The regService process, which runs with SYSTEM privileges, applies a Security Descriptor to a device object with no explicitly configured DACL. This condition could allow an attacker to perform unauthorized raw...
EUVD-2025-206011
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The regService process, which runs with SYSTEM privileges, applies a Security Descriptor to a device object with no explicitly configured DACL. This condition could allow an attacker to perform unauthorized raw...
CVE-2025-64699
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The regService process, which runs with SYSTEM privileges, applies a Security Descriptor to a device object with no explicitly configured DACL. This condition could allow an attacker to perform unauthorized raw...
CVE-2025-64699
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The regService process, which runs with SYSTEM privileges, applies a Security Descriptor to a device object with no explicitly configured DACL. This condition could allow an attacker to perform unauthorized raw...
CVE-2025-64699
CVE-2025-64699 affects SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5.22). The regService process, running with SYSTEM privileges, applies a Security Descriptor to a device object that has no explicitly configured DACL. This can allow an attacker to perform unauthorized raw disk operations, potential...
CVE-2025-64699
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The regService process, which runs with SYSTEM privileges, applies a Security Descriptor to a device object with no explicitly configured DACL. This condition could allow an attacker to perform unauthorized raw...
CVE-2025-64699
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The regService process, which runs with SYSTEM privileges, applies a Security Descriptor to a device object with no explicitly configured DACL. This condition could allow an attacker to perform unauthorized raw...
PT-2025-54386
Name of the Vulnerable Software and Affected Versions SevenCs ORCA G2 version 2.0.1.35 EC2007 Kernel v5.22 Description An issue exists where a Security Descriptor with no explicitly configured DACL is applied to a device object by the regService process, which operates with SYSTEM privileges. Thi...
EUVD-2007-4376
Malware in sbrugna...
EUVD-2025-27599
Malicious code in bioql PyPI...
CVE-2025-50892
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...
CVE-2025-50892
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...
CVE-2025-50892
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...
CVE-2025-50892
The CVE-2025-50892 entry concerns EaseUS Todo Backup 1.2.0.1, where the eudskacs.sys driver (version 20250328) fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This creates a local, low-privileged attacker capability to perform arbitrary...
PT-2025-37082
Name of the Vulnerable Software and Affected Versions: EaseUs Todo Backup version 1.2.0.1 Description: The eudskacs.sys driver version 20250328 fails to properly validate privileges for I/O requests IRP MJ READ/IRP MJ WRITE sent to its device object. This allows a local, low-privileged attacker t...
CVE-2025-50892
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...
Shamoon Returns to Wipe Systems in Middle East, Europe
ARCHIVED STORY Shamoon Returns to Wipe Systems in Middle East, Europe By Alexandre Mundo · December 14, 2018 Destructive malware has been employed by adversaries for years. Usually such attacks are carefully targeted and can be motivated by ideology, politics, or even financial aims. Destructive...
K7 Anti-Virus Premium Multiple Vulnerabilities (Nov 2017)
K7 Anti-Virus Premium is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
K7 Antivirus Premium Information Disclosure Vulnerability
K7 Antivirus Premium is a suite of anti-virus software from K7 Computing India. A security vulnerability exists in versions of K7 Antivirus Premium prior to 15.1.0.53, which stems from a failure to adequately authenticate user input sent to the K7Sentry device. A local attacker could exploit the...
CVE-2017-17429
In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL...