Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33219 | 1 Asus | 2 Sabertooth X99, Sabertooth X99 Firmware | 2025-04-18 | N/A | 7.8 HIGH |
| An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | |||||
| CVE-2024-33220 | 1 Asus | 1 Ai Suite | 2025-04-18 | N/A | 8.8 HIGH |
| An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | |||||
| CVE-2025-26125 | 2025-03-24 | N/A | 7.3 HIGH | ||
| An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges. | |||||
| CVE-2024-30804 | 2025-03-14 | N/A | 9.8 CRITICAL | ||
| An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests. | |||||
| CVE-2024-33222 | 2025-03-13 | N/A | 8.4 HIGH | ||
| An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | |||||
| CVE-2024-39251 | 2025-03-13 | N/A | 10.0 CRITICAL | ||
| An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests. | |||||
| CVE-2024-0141 | 2025-03-05 | N/A | 6.8 MEDIUM | ||
| NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the GPU vBIOS that may allow a malicious actor with tenant level GPU access to write to an unsupported registry causing a bad state. A successful exploit of this vulnerability may lead to denial of service. | |||||
| CVE-2021-21551 | 1 Dell | 568 Alienware 14, Alienware 17 51m R2, Alienware Area 51 and 565 more | 2025-02-18 | 4.6 MEDIUM | 8.8 HIGH |
| Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. | |||||
| CVE-2024-33221 | 2024-11-21 | N/A | 7.8 HIGH | ||
| An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | |||||
| CVE-2024-33218 | 2024-11-21 | N/A | 7.8 HIGH | ||
| An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests. | |||||
| CVE-2024-32370 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component. | |||||
| CVE-2023-35841 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0. | |||||
| CVE-2021-25695 | 1 Teradici | 1 Pcoip | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver. | |||||
| CVE-2021-21792 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read four bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users. | |||||
| CVE-2021-21791 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read two bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users. | |||||
| CVE-2021-21790 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read two bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users. | |||||
| CVE-2021-21789 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via the OUT instruction. A local attacker can send a malicious IRP to trigger this vulnerability. | |||||
| CVE-2021-21788 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users. A local attacker can send a malicious IRP to trigger this vulnerability. | |||||
| CVE-2021-21787 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users. | |||||
| CVE-2021-21786 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. | |||||