163 matches found
CVE-2021-42980
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request...
CVE-2021-42979
NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request...
CVE-2021-42977
NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I...
CVE-2021-33600
A denial-of-service DoS vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending...
CVE-2021-21792
An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive information...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing the system, among other things. A security vulnerability exists in IOBit Advanced SystemCare Ultimate, which stems from a...
Hunting for Bugs in Windows Mini-Filter Drivers
Posted by James Forshaw, Project Zero In December Microsoft fixed 4 issues in Windows in the Cloud Filter and Windows Overlay Filter WOF drivers CVE-2020-17103, CVE-2020-17134, CVE-2020-17136, CVE-2020-17139. These 4 issues were 3 local privilege escalations and a security feature bypass, and the...
NZXT CAM elevation of privilege vulnerability (CNVD-2020-73165)
NZXT CAM is a performance monitoring software for gaming computers from NZXT USA. The software can be used to manage computer performance, temperature, and devices to ensure that the computer is at optimal performance. NZXT CAM version 4.8.0 has an authorization issue vulnerability that stems fro...
CVE-2020-13513
A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. Using the IRP 0x9c40a0dc gives a low privilege user direct access to the OUT instruction that...
CVE-2020-13519
A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability...
CVE-2020-13514
A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. Using the IRP 0x9c40a0e0 gives a low privilege user direct access to the OUT instruction that...
CVE-2020-13518
An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c402084 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...
CVE-2020-13510
An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP using the IRP 0x9c4060d0 gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...
CVE-2020-13510
An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP using the IRP 0x9c4060d0 gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...
Information disclosure
An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP using the IRP 0x9c4060d0 gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...
Information disclosure
An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406104 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability...
PT-2020-13596 · Nzxt · Winring0X64 Driver +1
Name of the Vulnerable Software and Affected Versions: NZXT CAM version 4.8.0 Description: A privilege escalation issue exists in the WinRing0x64 Driver IRP 0x9c402088 functionality. This can be triggered by a specially crafted I/O request packet IRP, allowing an attacker to send a malicious IRP...
PT-2020-13589 · Nzxt · Nzxt Cam
Name of the Vulnerable Software and Affected Versions: NZXT CAM version 4.8.0 Description: A privilege escalation issue exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality. A specially crafted I/O request packet IRP can cause increased privileges. Using the IRP 0x9c40a0d8 giv...
PT-2020-13591 · Nzxt · Nzxt Cam
Name of the Vulnerable Software and Affected Versions: NZXT CAM version 4.8.0 Description: A privilege escalation issue exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality. A specially crafted I/O request packet IRP can cause increased privileges. Using the IRP 0x9c40a0e0 giv...
PT-2020-13592 · Nzxt · Winring0X64 Driver +1
Name of the Vulnerable Software and Affected Versions: NZXT CAM version 4.8.0 Description: A privilege escalation issue exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality. This allows an adversary to obtain elevated privileges by sending a specially crafted I/O request packet IRP. An...