saurabh2088

4 exploits Active since Jan 2015
CVE-2024-28757 NOMISEC HIGH WRITEUP
libexpat < 2.6.2 - XML Entity Expansion via External Parser
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
CVSS 7.5
CVE-2024-28757 NOMISEC HIGH
libexpat < 2.6.2 - XML Entity Expansion via External Parser
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
CVSS 7.5
CVE-2023-40127 NOMISEC LOW WRITEUP
Android - Local Information Disclosure via Confused Deputy in Screenshot Access
In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS 3.3
CVE-2015-0205 NOMISEC WORKING POC
OpenSSL 1.0.0-1.0.0o and 1.0.1-1.0.1j - Unauthenticated Access via Missing CertificateVerify in DH Authentication
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.