CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2CVE-2019-7651
https://notcve.org/view.php?id=CVE-2019-7651
08 Feb 2019 — EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation. This vulnerability has been fixed in version 2018.12 and later. EPP.sys en Emsisoft Anti-Malware, en versiones anteriores a la 2018.12, permite a los atacantes omitir las ACL debido a que las caracte... • https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6625
https://notcve.org/view.php?id=CVE-2018-6625
05 Feb 2018 — In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010. En WatchDog Anti-Malware 2.74.186.150, el archivo del controlador (ZAMGUARD32.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar debido a que no valida los valores de entrada desde IOCtl 0x80002010... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC/tree/master/0x80002010 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6627
https://notcve.org/view.php?id=CVE-2018-6627
05 Feb 2018 — In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054. En WatchDog Anti-Malware 2.74.186.150, el archivo del controlador (ZAMGUARD32.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar debido a que no valida los valores de entrada desde IOCtl 0x80002054... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC/tree/master/0x80002054 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 3CVE-2017-15920 – Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2017-15920
27 Oct 2017 — In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. En Watchdog Anti-Malware 2.74.186.150 y Online Security Pro 2.74.186.150, el controlador zam32.sys contiene una vulnerabilidad de desreferencia de puntero NULL que se desencadena al enviar una op... • https://packetstorm.news/files/id/144786 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 3CVE-2017-15921 – Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2017-15921
27 Oct 2017 — In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. En Watchdog Anti-Malware 2.74.186.150 y Online Security Pro 2.74.186.150, el controlador zam32.sys contiene una vulnerabilidad de desreferencia de puntero NULL que se desencadena al enviar una op... • https://packetstorm.news/files/id/144786 • CWE-476: NULL Pointer Dereference •