Filtered by vendor Iobit Subscriptions
Total 71 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-19084 1 Iobit 1 Malware Fighter 2024-11-21 N/A
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
CVE-2018-18714 1 Iobit 1 Malware Fighter 2024-11-21 N/A
RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or code execution with root privileges.
CVE-2018-18026 1 Iobit 1 Malware Fighter 2024-11-21 N/A
IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack.
CVE-2018-16713 1 Iobit 1 Advanced Systemcare 2024-11-21 N/A
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction.
CVE-2018-16712 1 Iobit 1 Advanced Systemcare 2024-11-21 N/A
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.
CVE-2018-16711 1 Iobit 1 Advanced Systemcare 2024-11-21 N/A
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input.
CVE-2014-5646 1 Iobit 1 Amc Security Antivirus Clean 2024-11-21 N/A
The AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) application 4.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2024-25253 1 Iobit 1 Driver Booster 2024-11-19 7.5 High
Driver Booster v10.6 was discovered to contain a buffer overflow via the Host parameter under the Customize proxy module.
CVE-2024-7325 1 Iobit 1 Driver Booster 2024-09-11 7.8 High
A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The identifier of this vulnerability is VDB-273248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-7326 2 Iobit, Itopvpn 2 Dualsafe Password Manager, Dualsafe Password Manager 2024-08-15 7.8 High
A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The identifier VDB-273249 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-7324 1 Iobit 1 Itop Data Recovery Pro 2024-08-01 7.8 High
A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic_.bpl of the component BPL Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The associated identifier of this vulnerability is VDB-273247. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.