CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7326 – IObit DualSafe Password Manager BPL RTL120.BPL uncontrolled search path
https://notcve.org/view.php?id=CVE-2024-7326
A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The identifier VDB-273249 was assigned to this vulnerability. • https://lab52.io/blog/dll-side-loading-through-iobit-against-colombia https://vuldb.com/?ctiid.273249 https://vuldb.com/?id.273249 https://vuldb.com/?submit.378150 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7325 – IObit Driver Booster BPL VCL120.BPL uncontrolled search path
https://notcve.org/view.php?id=CVE-2024-7325
A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. • https://vuldb.com/?ctiid.273248 https://vuldb.com/?id.273248 https://vuldb.com/?submit.378139 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7324 – IObit iTop Data Recovery Pro BPL madbasic_.bpl uncontrolled search path
https://notcve.org/view.php?id=CVE-2024-7324
A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic_.bpl of the component BPL Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. • https://vuldb.com/?id.273247 https://vuldb.com/?ctiid.273247 https://vuldb.com/?submit.378138 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1195 – iTop VPN IOCTL ITopVpnCallbackProcess.sys denial of service
https://notcve.org/view.php?id=CVE-2024-1195
A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The identifier VDB-252685 was assigned to this vulnerability. • https://vuldb.com/?ctiid.252685 https://vuldb.com/?id.252685 https://www.youtube.com/watch?v=JdQMINPVJd8 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0430 – IObit Malware Fighter v11.0.0.1274 - Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2024-0430
IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by triggering the 0x8001E00C IOCTL code of the ImfHpRegFilter.sys driver. IObit Malware Fighter v11.0.0.1274 es afectado por una vulnerabilidad de denegación de servicio al activar el código IOCTL 0x8001E00C del controlador ImfHpRegFilter.sys. • https://fluidattacks.com/advisories/davis https://www.iobit.com/en/malware-fighter.php • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •