CVE-2024-10972 | Velocidex WinPmem up to 4.0 IRP_MJ_DEVICE_CONTROL input validation

Posted by Angelo Barbosa | Dec 16, 2024 | CVE

A vulnerability was found in Velocidex WinPmem up to 4.0. It has been rated as problematic. Affected by this issue is the function IRP_MJ_DEVICE_CONTROL. The manipulation leads to improper input validation.

This vulnerability is handled as CVE-2024-10972. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-10972 | Velocidex WinPmem up to 4.0 IRP_MJ_DEVICE_CONTROL input validation

Related Posts

CVE-2023-50981 | Crypto++ up to 8.9.0 DER ModularSquareRoot infinite loop (Issue 1249)

CVE-2024-38633 | Linux Kernel up to 6.9.3 max3100 uart_register_driver null pointer dereference

CVE-2024-0726 | Project Worlds Student Project Allocation System 1.0 Admin Login Module admin_login.php msg cross site scripting

CVE-2024-23513 | PropertyHive Plugin up to 2.0.5 on WordPress deserialization