CVE-2023-1491

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
CVSS v2 Score
3.2
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects the function 0x220020 in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability.

Related Vulnerabilities

CVE-2013-7460

MEDIUM
CVSS:5.5(Medium)

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part o...

CWE-2842013

CVE-2013-7461

MEDIUM
CVSS:5.5(Medium)

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write ...

CWE-2842013

CVE-2014-9798

MEDIUM
CVSS:5.5(Medium)

platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attac...

CWE-2842014

CVE-2015-1976

MEDIUM
CVSS:5.5(Medium)

IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.

CWE-2842015

CVE-2015-3840

MEDIUM
CVSS:5.5(Medium)

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" ...

CWE-2842015

CVE-2015-7895

MEDIUM
CVSS:5.5(Medium)

Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

CWE-2842015