Lucene search
K

111 matches found

CNVD
CNVD
added 2020/03/26 12:0 a.m.2 views

FinalWire AIDA64 Code Execution Vulnerability

FinalWire AIDA64 is a system information, diagnostic and auditing program from the Hungarian company FinalWire that runs on the Microsoft Windows platform. A security vulnerability exists in the kerneld.sys file in FinalWire AIDA64 versions prior to 5.99. An attacker can exploit the vulnerability...

9CVSS7.2AI score0.02394EPSS
Exploits1
OSV
OSV
added 2020/03/25 5:15 p.m.5 views

CVE-2019-7630

An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...

7.2CVSS7.5AI score0.03081EPSS
Exploits1References2
OSV
OSV
added 2020/03/25 5:15 p.m.3 views

CVE-2019-7240

An issue was discovered in WinRing0x64.sys in Moo0 System Monitor 1.83. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x9C402088 and does not properly filter the Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges...

7.2CVSS6.2AI score0.02394EPSS
Exploits1References1
OSV
OSV
added 2018/12/26 9:29 p.m.4 views

CVE-2018-18535

The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers MSRs. This could be leveraged to execute arbitrary ring-0 code...

7.8CVSS6AI score0.00575EPSS
Exploits3References4
CNVD
CNVD
added 2018/12/25 12:0 a.m.3 views

ASUS Aura Sync Arbitrary Code Execution Vulnerability

ASUS Aura Sync is a suite of lighting management software from ASUS. An arbitrary code execution vulnerability exists in ASUS Aura Sync version 1.07.22. A local attacker can exploit this vulnerability to execute arbitrary ring-0 code...

7.8CVSS7.9AI score0.00575EPSS
Exploits3References1
CNVD
CNVD
added 2018/12/25 12:0 a.m.3 views

Arbitrary Code Execution Vulnerability in Multiple GIGABYTE Products (CNVD-2018-26459)

GIGABYTE APP Center and others are products of GIGABYTE Technology, a Chinese company. GIGABYTE APP Center is a software program for managing and updating GIGABYTE's product utility programs. AORUS GRAPHICS ENGINE is a software program for overclocking graphics cards. An arbitrary code execution...

9.8CVSS8.2AI score0.08523EPSS
Exploits3References1
CNVD
CNVD
added 2018/12/21 12:0 a.m.3 views

Arbitrary Code Execution Vulnerability in Multiple GIGABYTE Products

GIGABYTE APP Center and others are products of GIGABYTE Technology, a Chinese company. GIGABYTE APP Center is a software program for managing and updating GIGABYTE's product utility programs. AORUS GRAPHICS ENGINE is a software program for overclocking graphics cards. An arbitrary code execution...

9.8CVSS8.2AI score0.08523EPSS
Exploits3References1
OSV
OSV
added 2018/10/30 6:29 p.m.3 views

CVE-2018-10711

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers MSRs. This could be leveraged to execute arbitrary ring-...

7.8CVSS6AI score0.01545EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2015/08/05 8:13 p.m.4 views

kernel: execution in the early microcode loader

A stack-based buffer overflow flaw was found in the Linux kernel's early load microcode functionality. On a system with UEFI Secure Boot enabled, a local, privileged user could use this flaw to increase their privileges to the kernel ring0 level, bypassing intended restrictions in place...

6.9CVSS7AI score0.0042EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Linux Kernel 2.4.x/2.6.x Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12837/info The Linux kernel is reported prone to multiple vulnerabilities that occur because of range-checking flaws present in the ISO9660 handling routines. An attacker may exploit these issues to trigger kernel-based...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2009/09/29 3:2 p.m.7 views

kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0

The kvmemulatehypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service guest kernel crash and...

7.2CVSS5.8AI score0.004EPSS
Exploits1References4
Rows per page
Query Builder