Andres Roldan

**Name of the Vulnerable Software and Affected Versions** Ad Inserter - Ad Manager and AdSense Ads version 2.8.0 **Description** The issue arises from the web application dynamically generating web content without validating the source of potentially untrusted data in the file myapp/includes/dst/dst.php. **Recommendations** For Ad Inserter - Ad Manager and AdSense Ads version 2.8.0, consider validating the source of all data used in dynamic web content generation to prevent potential exploitation. As a temporary workaround, restrict access to the dst.php file in the myapp/includes/dst/ directory to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PixelYourSite - Your smart PIXEL (TAG) and API Manager version 10.1.1.1 **Description** The issue arises from unvalidated user input being used directly in an `unserialize` function. This occurs in the `myapp/modules/facebook/facebook-server-a sync-task.php` file. **Recommendations** For version 10.1.1.1, consider validating all user input to prevent direct usage in the `unserialize` function as a temporary workaround. Restrict access to the `myapp/modules/facebook/facebook-server-a sync-task.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WP Activity Log version 5.3.2 **Description** The issue arises from unvalidated user input being used directly in an `unserialize` function. This is located in the `myapp/classes/Writers/class-csv-writer.php` file. **Recommendations** For WP Activity Log version 5.3.2, consider validating user input before using it in the `unserialize` function to prevent potential exploitation. As a temporary workaround, restrict access to the `class-csv-writer.php` file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** FooGallery – Responsive Photo Gallery version 2.4.29 **Description** The issue arises from the web application dynamically generating web content without validating the source of potentially untrusted data. This is specifically noted in the file myapp/extensions/albums/admin/class-meta-boxes.php. **Recommendations** For FooGallery – Responsive Photo Gallery version 2.4.29, consider restricting access to the class-meta-boxes.php file until a patch is available. As a temporary workaround, avoid using the `class-meta-boxes.php` file in the myapp/extensions/albums/admin directory to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Age Verification for your checkout page Verify your customer's identity version 1.20.0 Description: The web application dynamically generates web content without validating the source of potentially untrusted data. This issue is located in the file `myapp/class-wc-integration-agechecker-integration.php`. Recommendations: For version 1.20.0, consider validating the source of all data used in dynamically generated web content to prevent potential exploitation. As a temporary workaround, restrict access to the `class-wc-integration-agechecker-integration.php` file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Deep Freeze version 9.00.020.5760 Description: The issue is an out-of-bounds read vulnerability in the FarDisk.sys driver of Deep Freeze. It can be triggered by the 0x70014 IOCTL code. This vulnerability is locally exploitable and can lead to system compromise if not patched. Recommendations: For Deep Freeze version 9.00.020.5760, patch the system as soon as possible to prevent exploitation. As a temporary workaround, consider restricting access to the FarDisk.sys driver until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MSI Afterburner version 4.6.6.16381 Beta 3 **Description** The issue is related to an ACL Bypass vulnerability in the RTCore64.sys driver, which can lead to incorrect authorization and potentially compromise the local system. **Recommendations** Update to the latest patch version immediately to resolve the issue. As a temporary workaround, consider disabling the RTCore64.sys driver until a patch is available. Monitor for exploit development to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Bkav Home version 7816, build 2403161130 **Description** The issue is related to a Memory Information Leak vulnerability. It can be triggered by using the 0x222240 IOCTL code of the BkavSDFlt.sys driver. **Recommendations** For Bkav Home version 7816, build 2403161130, consider disabling the BkavSDFlt.sys driver or restricting access to the 0x222240 IOCTL code as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Watchdog Antivirus version 1.6.415 **Description** The issue is related to a Denial of Service vulnerability that can be triggered by exploiting the 0x80002014 IOCTL code of the wsdk-driver.sys driver. **Recommendations** For Watchdog Antivirus version 1.6.415, as a temporary workaround, consider disabling the use of the wsdk-driver.sys driver until a patch is available. Restrict access to the vulnerable driver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Zemana AntiLogger version 2.74.204.664 **Description** The issue is a Denial of Service (DoS) vulnerability that can be triggered by exploiting the 0x80002004 and 0x80002010 IOCTL codes of the zam64.sys and zamguard64.sys drivers. **Recommendations** For Zemana AntiLogger version 2.74.204.664, as a temporary workaround, consider disabling the `zam64.sys` and `zamguard64.sys` drivers until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zemana AntiLogger version 2.74.204.664 **Description** The issue is a Memory Information Leak vulnerability that can be triggered by using the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers. **Recommendations** For Zemana AntiLogger version 2.74.204.664, consider disabling the vulnerable drivers zam64.sys and zamguard64.sys as a temporary workaround until a patch is available. Avoid triggering the 0x80002020 IOCTL code to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MSI Afterburner version 4.6.5.16370 **Description** A kernel memory leak occurs when triggering the `0x80002040` IOCTL code of the `RTCore64.sys` driver. IOCTL (Input/Output Control) is a device driver function used to send control codes directly to a device driver. Access to the driver handle is restricted to high integrity processes. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MSI Afterburner version 4.6.5.16370 **Description** The issue concerns a Denial of Service vulnerability that can be triggered by sending a specific IOCTL code, 0x80002000, to the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. **Recommendations** For MSI Afterburner version 4.6.5.16370, as a temporary workaround, consider restricting access to the RTCore64.sys driver to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zemana AntiLogger version 2.74.204.664 **Description** The issue is related to the incorrect validation of a critical resource in the IOCTL Handler component of the zam64.sys and zamguard64.sys drivers in Zemana AntiLogger. This can be exploited to cause a denial of service by triggering the `0x80002048` IOCTL code. **Recommendations** For Zemana AntiLogger version 2.74.204.664, as a temporary workaround, consider disabling the `zam64.sys` and `zamguard64.sys` drivers until a patch is available. Restrict access to the vulnerable `0x80002048` IOCTL code to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vba32 Antivirus version 3.36.0 **Description** The issue concerns an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows reading up to 0x802 of memory from an arbitrary user-supplied pointer. **Recommendations** For Vba32 Antivirus version 3.36.0, consider restricting access to the Vba32m64.sys driver to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the 0x22200B IOCTL code in the Vba32m64.sys driver.

**Name of the Vulnerable Software and Affected Versions** Vba32 Antivirus version 3.36.0 **Description** The issue is related to an Arbitrary Memory Read vulnerability. It can be triggered by using specific IOCTL codes of the Vba32m64.sys driver, including 0x22201B, 0x22201F, 0x222023, 0x222027, 0x22202B, 0x22202F, 0x22203F, 0x222057, and 0x22205B. **Recommendations** For Vba32 Antivirus version 3.36.0, consider disabling the Vba32m64.sys driver as a temporary workaround until a patch is available. Restrict access to the vulnerable driver to minimize the risk of exploitation. Avoid triggering the specified IOCTL codes until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Twister Antivirus version 8.17 **Description** The issue allows Elevation of Privileges on the computer where Twister Antivirus is installed by triggering specific IOCTL codes of the fildds.sys driver, including 0x80112067, 0x801120CB, and 0x801120CC. This can be exploited to gain elevated privileges. **Recommendations** For Twister Antivirus version 8.17, consider disabling the fildds.sys driver or restricting access to the vulnerable IOCTL codes as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Twister Antivirus version 8.17 **Description** The issue is related to an Out-of-bounds Read vulnerability. It can be triggered by using the 0x801120B8 IOCTL code of the filmfd.sys driver. **Recommendations** For Twister Antivirus version 8.17, as a temporary workaround, consider disabling the filmfd.sys driver until a patch is available. Restrict access to the IOCTL code 0x801120B8 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vba32 Antivirus version 3.36.0 **Description** The issue is related to a Denial of Service vulnerability. It can be triggered by using the 0x2220A7 IOCTL code of the Vba32m64.sys driver. **Recommendations** For Vba32 Antivirus version 3.36.0, consider disabling the Vba32m64.sys driver as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SUPERAntiSpyware Pro X version 10.0.1260 **Description** The issue concerns kernel-level API parameters manipulation and Denial of Service vulnerabilities. This can be triggered by manipulating the `0x9C402140` IOCTL code of the `saskutil64.sys` driver. **Recommendations** For SUPERAntiSpyware Pro X version 10.0.1260, consider disabling the `saskutil64.sys` driver until a patch is available to prevent exploitation of the Denial of Service vulnerability. Restrict access to the IOCTL code `0x9C402140` to minimize the risk of manipulation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.