CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5275
https://notcve.org/view.php?id=CVE-2018-5275
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9C40E020 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5276
https://notcve.org/view.php?id=CVE-2018-5276
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e018 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5277
https://notcve.org/view.php?id=CVE-2018-5277
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e000. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e000 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5278
https://notcve.org/view.php?id=CVE-2018-5278
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e00c • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5279
https://notcve.org/view.php?id=CVE-2018-5279
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). • http://www.securityfocus.com/bid/102453 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2017-3196
https://notcve.org/view.php?id=CVE-2017-3196
15 Dec 2017 — PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. • http://blog.rewolf.pl/blog/?p=1778 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2017-14961 – IKARUS anti.virus 2.16.7 - 'ntguard_x64' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-14961
13 Nov 2017 — In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c. • https://www.ikarussecurity.com/about-ikarus/security-blog/vulnerability-in-windows-antivirus-products-ik-sa-2017-0002 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2017-9758
https://notcve.org/view.php?id=CVE-2017-9758
09 Nov 2017 — Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion." Los paquetes de controladores Savitech para Windows instalan silenciosamente un certificado autofirmado en el almacén Trusted Root Certification Authorities. • http://www.securityfocus.com/bid/101700 • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7441
https://notcve.org/view.php?id=CVE-2017-7441
13 Sep 2017 — Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt! • https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-6007
https://notcve.org/view.php?id=CVE-2017-6007
13 Sep 2017 — A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to crash the OS via a malformed IOCTL call. • https://trackwatch.com/kernel-pool-overflow-exploitation-in-real-world-windows-7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •