CVE-2023-1490

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
CVSS v2 Score
3.2
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is the function 0x220020 in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.

Related Vulnerabilities

CVE-2013-7460

MEDIUM
CVSS:5.5(Medium)

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part o...

CWE-2842013

CVE-2013-7461

MEDIUM
CVSS:5.5(Medium)

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write ...

CWE-2842013

CVE-2014-9798

MEDIUM
CVSS:5.5(Medium)

platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attac...

CWE-2842014

CVE-2015-1976

MEDIUM
CVSS:5.5(Medium)

IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.

CWE-2842015

CVE-2015-3840

MEDIUM
CVSS:5.5(Medium)

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" ...

CWE-2842015

CVE-2015-7895

MEDIUM
CVSS:5.5(Medium)

Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

CWE-2842015