ReportizFlow
Filtered by vendor Signalrgb
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-8049 | 1 Signalrgb | 1 Signalrgb Kernel Driver | 2026-06-21 | 5.3 Medium |
| In SignalRGB versions prior to 1.3.7.0, the \\.\SignalIo device object is created without an explicit SDDL security descriptor and without FILE_DEVICE_SECURE_OPEN. This results in overly permissive default access control, allowing any authenticated local user to obtain a handle to the device and issue privileged IOCTLs. | ||||
| CVE-2026-8050 | 1 Signalrgb | 1 Signalrgb Kernel Driver | 2026-06-21 | 7.5 High |
| In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash. | ||||
Page 1 of 1.