CVE-2024-33224

HIGH Year: 2024
CVSS v3 Score
8.4
High
Weakness Type
CWE-269
View all →

Vulnerability Description

An issue in the component rtkio64.sys of Realtek Semiconductor Corp Realtek lO Driver v1.008.0823.2017 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

Related Vulnerabilities

CVE-1999-0084

HIGH
CVSS:8.4(High)

Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.

CWE-2691999

CVE-2016-1572

HIGH
CVSS:8.4(High)

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated ...

CWE-2692016

CVE-2018-5884

HIGH
CVSS:8.4(High)

Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents.

CWE-2692018

CVE-2019-4448

HIGH
CVSS:8.4(High)

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an...

CWE-2692019

CVE-2021-1051

HIGH
CVSS:8.4(High)

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display con...

CWE-2692021

CVE-2021-22376

HIGH
CVSS:8.4(High)

A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions.

CWE-2692021