RenukaSelvar

9 exploits Active since Aug 2015
CVE-2024-28757 NOMISEC HIGH WRITEUP
libexpat < 2.6.2 - XML Entity Expansion via External Parser
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
CVSS 7.5
CVE-2023-40127 NOMISEC LOW WRITEUP
Android - Local Information Disclosure via Confused Deputy in Screenshot Access
In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS 3.3
CVE-2023-40127 NOMISEC LOW WRITEUP
Android - Local Information Disclosure via Confused Deputy in Screenshot Access
In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS 3.3
CVE-2022-20140 NOMISEC CRITICAL WORKING POC
Android -12, -12L - Privilege Escalation
In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988
CVSS 9.8
CVE-2020-24370 NOMISEC MEDIUM WRITEUP
Lua 5.4.0 - Integer Underflow via getlocal/setlocal Debug Interface
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
CVSS 5.3
CVE-2020-24370 NOMISEC MEDIUM WORKING POC
Lua 5.4.0 - Integer Underflow via getlocal/setlocal Debug Interface
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
CVSS 5.3
CVE-2015-3239 NOMISEC WORKING POC
libunwind 1.1 - Off-by-One Error in dwarf_to_unw_regnum
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
CVE-2015-3239 NOMISEC WORKING POC
libunwind 1.1 - Off-by-One Error in dwarf_to_unw_regnum
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.
CVE-2015-3239 NOMISEC WORKING POC
libunwind 1.1 - Off-by-One Error in dwarf_to_unw_regnum
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes.