DownWithUp

6 exploits Active since Aug 2018
CVE-2018-16712 NOMISEC MEDIUM WORKING POC
IObit Advanced SystemCare <1.2.0.5 - Memory Corruption
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.
25 stars
CVSS 6.5
CVE-2018-15499 NOMISEC MEDIUM WORKING POC
GEAR Software GEARAspiWDM 2.2.5.0 - Denial of Service via Race Condition in Memory Availability Check
GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.
11 stars
CVSS 4.7
CVE-2018-16713 NOMISEC MEDIUM WORKING POC
IObit Advanced SystemCare <1.2.0.5 - Code Injection
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction.
6 stars
CVSS 6.5
CVE-2018-18026 NOMISEC HIGH WORKING POC
IObit Malware Fighter < 6.2 - Stack-based Buffer Overflow via DeviceIoControl
IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack.
6 stars
CVSS 7.8
CVE-2018-18714 NOMISEC HIGH WORKING POC
IOBit Malware Fighter < 6.2 - Stack-Based Buffer Overflow via IOCTL 0x8006E010
RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or code execution with root privileges.
6 stars
CVSS 7.8
CVE-2018-16711 NOMISEC HIGH WORKING POC
IObit Advanced SystemCare <1.2.0.5 - Code Injection
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input.
5 stars
CVSS 8.8