Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog Docs About Contact

advanced system care vulnerabilities and exploits

(subscribe to this query)
7.8
CVSSv3

CVE-2022-24139

In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login t...
Iobit Advanced System Care 15
6.6
CVSSv3

CVE-2022-24140

IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the updat...
Iobit Advanced System Care 15Iobit Driver Booster 9Iobit Itop Screen Recorder 2.1Iobit Itop Screenshot -Iobit Itop Vpn 3.2
7.8
CVSSv3

CVE-2022-24138

IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switc...
Iobit Advanced Systemcare 15
7.5
CVSSv2

CVE-2015-6420

Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons CollectionsApache Commons Collections 4.0
7.5
CVSSv3

CVE-2017-3733

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl OpensslOpenssl Openssl 1.1.0Openssl Openssl 1.1.0aOpenssl Openssl 1.1.0bOpenssl Openssl 1.1.0cOpenssl Openssl 1.1.0dHp Operations Agent 11.14Hp Operations Agent 11.15
7.5
CVSSv3

CVE-2017-3730

In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl OpensslOpenssl Openssl 1.1.0Openssl Openssl 1.1.0aOpenssl Openssl 1.1.0bOpenssl Openssl 1.1.0cOracle Agile Engineering Data Management 6.1.3Oracle Agile Engineering Data Management 6.2.0Oracle Communications Application Session Controller 3.7.1Oracle Communications Application Session Controller 3.8.0Oracle Communications Eagle Lnp Application Processor 10.0Oracle Communications Eagle Lnp Application Processor 10.1Oracle Communications Eagle Lnp Application Processor 10.2
7.8
CVSSv3

CVE-2021-3156

Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project SudoSudo Project Sudo 1.9.5Fedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Active Iq Unified Manager -Netapp Cloud Backup -Netapp Hci Management Node -Netapp Oncommand Unified Manager Core Package -Netapp Ontap Select Deploy Administration Utility -Netapp Ontap Tools 9
7.5
CVSSv3

CVE-2016-2180

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1k
5.9
CVSSv3

CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Freebsd Freebsd 12.2Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Performance Analyzer -Netapp Oncommand Insight -Netapp Oncommand Workflow Automation -Netapp Ontap Select Deploy Administration Utility -Netapp Santricity Smi-s Provider -Netapp Snapcenter -
7.5
CVSSv3

CVE-2018-17144

Bitcoin Core 0.14.x prior to 0.14.3, 0.15.x prior to 0.15.2, and 0.16.x prior to 0.16.3 and Bitcoin Knots 0.14.x up to and including 0.16.x prior to 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoin...
Bitcoin Bitcoin CoreBitcoinknots Bitcoin Knots
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-3248thanhtungtntremote code executioncodepen embed blockCVE-2025-6354chris coyierCVE-2025-50025nitin yawalkarcode executionCVE-2025-50038CVE-2023-0386cross-site scriptingCVE-2025-6351
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook