14 matches found
EUVD-2007-5605
Malware in sbrugna...
EUVD-2024-51042
Malicious code in bioql PyPI...
CVE-2024-12668
Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the...
PT-2024-17709 · Velocidex · Velocidex Winpmem
Name of the Vulnerable Software and Affected Versions: Velocidex WinPmem versions below 4.1 Description: The issue allows a user space program to trick the driver into writing a 0 into any chosen memory location by using an IO Control. In conjunction with information leakage from the WinPmem...
CVE-2023-20562
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution...
Iran Targets Mideast Oil with ZeroCleare Wiper Malware
A freshly-discovered wiper malware dubbed “ZeroCleare” has been deployed to target the energy and industrial sectors in the Middle East. According to IBM’s X-Force Incident Response and Intelligence Services (IRIS), ZeroCleare (so-named because of the program database pathname of its binary file) was...
Microsoft Windows Local Security Feature Bypass Vulnerability
Microsoft Windows 10, Windows Server 2016, and Windows Server Version 1709 are all products of Microsoft Corporation, U.S.A. Microsoft Windows 10 is a cross-platform operating system for PCs and laptops, tablets and devices such as cell phones. Windows Server 2016 and Windows Server Version 1709 a...
VulnCheck KEV: CVE-2007-5633
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR (0x9C402438) and (2) IOCTL_WRMSR (0x9C40243C) IOCTLs to \Device\speedfan, as...
Lessons from Operation RussianDoll
As defensive security controls raise the bar to attack, attackers will employ increasingly sophisticated techniques to complete their mission. Understanding the mechanics and impact of these threats is essential to systematically discover and deflect the coming wave of advanced attacks. Mandiant...
Microsoft Windows Trusted Boot Security Feature Bypass Vulnerability
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A security feature bypass vulnerability exists in Microsoft Windows. An attacker can exploit this vulnerability to disable code integrity checking, load signed...
CVE-2007-5633
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR (0x9C402438) and (2) IOCTL_WRMSR (0x9C40243C) IOCTLs to \Device\speedfan, as...
Code injection
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR (0x9C402438) and (2) IOCTL_WRMSR (0x9C40243C) IOCTLs to \Device\speedfan, as...
CVE-2007-5633
CVE-2007-5633 is a local-elevation vulnerability in SpeedFan (speedfan.sys) used on Windows Vista x64. The issue allows a local attacker to read/write MSRs and load unsigned drivers via IOCTL_RDMSR (0x9C402438) and IOCTL_WRMSR (0x9C40243C) to \Device\speedfan (MSR_LSTAR shown in examples). The provid...
CVE-2007-5633
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR (0x9C402438) and (2) IOCTL_WRMSR (0x9C40243C) IOCTLs to \Device\speedfan, as...