Dhanesh Kizhakkinan

9 exploits Active since Mar 2020
CVE-2019-15661 WRITEUP HIGH WRITEUP
Killernetworking Killer Control Center - Out-of-Bounds Write
An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate parameters, leading to a stack-based buffer overflow, which can lead to code execution or escalation of privileges.
CVSS 7.2
CVE-2019-15662 WRITEUP LOW WRITEUP
Killernetworking Killer Control Center < 2.1.1352 - Out-of-Bounds Read
An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120444 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary read primitive that can be used as part of a chain to escalate privileges.
CVSS 2.7
CVE-2019-15663 WRITEUP LOW WRITEUP
Killernetworking Killer Control Center < 2.1.1352 - Out-of-Bounds Read
An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120404 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an out-of-bounds read that can be used as part of a chain to escalate privileges (issue 1 of 2).
CVSS 2.7
CVE-2019-15664 WRITEUP LOW WRITEUP
Killernetworking Killer Control Center < 2.1.1352 - Out-of-Bounds Read
An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120404 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an out-of-bounds read that can be used as part of a chain to escalate privileges (issue 2 of 2).
CVSS 2.7
CVE-2019-15665 WRITEUP HIGH WRITEUP
Killernetworking Killer Control Center - Out-of-Bounds Write
An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges.
CVSS 7.2
CVE-2022-21917 WRITEUP HIGH WRITEUP
HEVC Video Extensions - RCE
HEVC Video Extensions Remote Code Execution Vulnerability
CVSS 7.8
CVE-2022-42455 WRITEUP HIGH WRITEUP
Asus Armoury Crate < 5.3.4.1 - Improper Privilege Management
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.
CVSS 7.8
CVE-2020-3950 METASPLOIT HIGH ruby WORKING POC
VMware Fusion <11.5.2 - Privilege Escalation
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.
CVSS 7.8
CVE-2020-3950 EXPLOITDB HIGH ruby WORKING POC
VMware Fusion <11.5.2 - Privilege Escalation
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.
CVSS 7.8