CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5088
https://notcve.org/view.php?id=CVE-2018-5088
03 Jan 2018 — In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300211C. En K7 AntiVirus 15.1.0306, el archivo del controlador (K7FWHlpr.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o, posiblemente, otro impacto sin especificar porque no se validan los valores de entrada de las llamadas IOCTL 0x8300211C. • https://github.com/rubyfly/K7AntiVirus_POC/tree/master/0x8300211C • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17699
https://notcve.org/view.php?id=CVE-2017-17699
15 Dec 2017 — K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. K7Sentry.sys 15.1.0.59 en K7 Antivirus 15.1.0309 tiene una vulnerabilidad de desreferencia de puntero NULL mediante una petición 0x950025ac DeviceIoControl. • https://github.com/mmmxny/K7-Antivirus/tree/master/cve3 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17700
https://notcve.org/view.php?id=CVE-2017-17700
15 Dec 2017 — K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. K7Sentry.sys 15.1.0.59 en K7 Antivirus 15.1.0309 tiene una vulnerabilidad de desreferencia de puntero NULL mediante una petición 0x950025a4 DeviceIoControl. • https://github.com/mmmxny/K7-Antivirus/tree/master/cve1 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17701
https://notcve.org/view.php?id=CVE-2017-17701
15 Dec 2017 — K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request. K7Sentry.sys 15.1.0.59 en K7 Antivirus 15.1.0309 tiene una vulnerabilidad de desreferencia de puntero NULL mediante una petición 0x950025c8 DeviceIoControl. • https://github.com/mmmxny/K7-Antivirus/tree/master/cve2 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17464
https://notcve.org/view.php?id=CVE-2017-17464
08 Dec 2017 — K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request. K7Sentry.sys 15.1.0.59 en K7 Antivirus 15.1.0309 tiene una vulnerabilidad de desreferencia de puntero NULL mediante una petición DeviceIoControl 0x95002570. • https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002570 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17465
https://notcve.org/view.php?id=CVE-2017-17465
08 Dec 2017 — K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request. K7Sentry.sys 15.1.0.59 en K7 Antivirus 15.1.0309 tiene una vulnerabilidad de desreferencia de puntero NULL mediante una petición DeviceIoControl 0x95002574. • https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002574 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 5CVE-2014-9643 – K7 Computing (Multiple Products) - Arbitrary Write Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-9643
05 Feb 2015 — K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call. K7Sentry.sys en K7 Computing Ultimate Security, Anti-Virus Plus, y Total Security anterior a 14.2.0.253 permite a usuarios locales escribir a localizaciones de memoria arbitrarias, y como consecuencia ganar privilegio... • https://packetstorm.news/files/id/130246 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2014-7136 – K7 Computing Multiple Products K7FWFilt.sys Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-7136
10 Dec 2014 — Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call. Desbordamiento de buffer basado en memoria dinámica en el controlador del modo de kernel K7FWFilt.sys (también conocido como K7Firewall Packet Driver) anterior a 14.0.1.16, utilizado en múltiples productos de K7 Computing, permite ... • http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2014-8608 – K7 Computing Multiple Products Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2014-8608
10 Dec 2014 — The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing "crashme$$". El controlador del modo kérnel K7Sentry.sys (también conocido como K7AV Sentry Device Driver) en versiones anteriores a 12.8.0.119, como se usa en múltiples productos K7 Computing, permite a usuarios locales provocar una denegación de servicio (referenc... • http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2014-8956 – K7 Computing Multiple Products K7Sentry.sys Out-Of-Bounds Write
https://notcve.org/view.php?id=CVE-2014-8956
10 Dec 2014 — Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors. Desbordamiento de buffer basado en pila en el controlador del modo de kernel K7Sentry.sys (también conocido como K7AV Sentry Device Driver) anterior a 12.8.0.119, utilizado en múltiples productos de K7 Computing, permite a usuarios locales ejecutar código ar... • http://packetstormsecurity.com/files/129472/K7-Computing-Multiple-Products-K7Sentry.sys-Out-Of-Bounds-Write.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •