cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-44898,https://securityvulnerability.io/vulnerability/CVE-2022-44898,Memory Corruption Vulnerability in Asus Aura Sync Software,"The MsIo64.sys driver in Asus Aura Sync prior to v1.07.79 contains a vulnerability that fails to properly validate input through specific IOCTL commands. This oversight can allow attackers to exploit the system by triggering memory corruption, potentially leading to a Denial of Service (DoS) condition or escalating privileges through crafted IOCTL requests. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.",Asus,Aura Sync,7.8,HIGH,0.0009699999936856329,false,,false,false,false,,,false,false,,2022-12-14T00:00:00.000Z,0
CVE-2019-17603,https://securityvulnerability.io/vulnerability/CVE-2019-17603,Denial of Service and Privilege Escalation in Asus Aura Sync Software,"The Asus Aura Sync software version 1.07.71 contains a vulnerability within the Ene.sys driver that fails to adequately validate input for specific IOCTL commands. This oversight allows local users to exploit the system, resulting in potential denial of service or the ability to escalate privileges. By crafting specific kernel addresses, attackers can induce memory corruption, leading to system crashes or unauthorized access.",Asus,Aura Sync,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-06-02T14:47:03.000Z,0
CVE-2018-18535,https://securityvulnerability.io/vulnerability/CVE-2018-18535,,The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.,Asus,Aura Sync Firmware,7.8,HIGH,0.0010600000387057662,false,,false,false,false,,,false,false,,2018-12-26T20:00:00.000Z,0
CVE-2018-18536,https://securityvulnerability.io/vulnerability/CVE-2018-18536,,The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.,Asus,Aura Sync Firmware,7.8,HIGH,0.0010600000387057662,false,,false,false,false,,,false,false,,2018-12-26T20:00:00.000Z,0
CVE-2018-18537,https://securityvulnerability.io/vulnerability/CVE-2018-18537,,The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.,Asus,Aura Sync Firmware,5.5,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2018-12-26T20:00:00.000Z,0