
CVE-2023-30547 – Sandbox Escape in vm2
https://notcve.org/view.php?id=CVE-2023-30547
17 Apr 2023 — vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside `handleException()` which can be used to escape the sandbox and run arbitrary code in host context. ... A flaw was found in the vm2 sandbox. ... This issue may allow an attacker to bypass the sandbox protections, which can lead to remot... • https://github.com/rvizx/CVE-2023-30547 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-755: Improper Handling of Exceptional Conditions •

CVE-2023-2017 – Improper Control of Generation of Code in Twig Rendered Views in Shopware
https://notcve.org/view.php?id=CVE-2023-2017
17 Apr 2023 — Server-side Template Injection (SSTI) in Shopware 6 (<= v6.4.20.0, v6.5.0.0-rc1 <= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\Core\Framework\Adapter\Twig\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when ... • https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-04-2023 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-184: Incomplete List of Disallowed Inputs CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •

CVE-2023-29199 – vm2 Sandbox escape vulnerability
https://notcve.org/view.php?id=CVE-2023-29199
14 Apr 2023 — There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass `handleException()` and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. ... A flaw was found in the vm2 sandbox. ... This issue may all... • https://gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c • CWE-755: Improper Handling of Exceptional Conditions CWE-913: Improper Control of Dynamically-Managed Code Resources •

CVE-2023-26405 – ZDI-CAN-20712: Object Prototype pollution which leads to API Restrictions Bypass
https://notcve.org/view.php?id=CVE-2023-26405
12 Apr 2023 — This vulnerability allows remote attackers to escape the sandbox on affected installations of Adobe Acrobat Reader DC. ... An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/acrobat/apsb23-24.html • CWE-20: Improper Input Validation •

CVE-2023-26122
https://notcve.org/view.php?id=CVE-2023-26122
11 Apr 2023 — All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. • https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce • CWE-265: Privilege Issues CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVE-2023-26919
https://notcve.org/view.php?id=CVE-2023-26919
10 Apr 2023 — delight-nashorn-sandbox 0.2.4 and 0.2.5 are vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process. • https://github.com/javadelight/delight-nashorn-sandbox/issues/135 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVE-2023-29017 – vm2 Sandbox Escape vulnerability
https://notcve.org/view.php?id=CVE-2023-29017
06 Apr 2023 — vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. ... A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. ... This flaw allows a remote, unauthenticated attacker to escape the restrictions of the sandbox and execute code on the host. • https://github.com/timb-machine-mirrors/seongil-wi-CVE-2023-29017 • CWE-755: Improper Handling of Exceptional Conditions CWE-913: Improper Control of Dynamically-Managed Code Resources •

CVE-2022-27665
https://notcve.org/view.php?id=CVE-2022-27665
03 Apr 2023 — Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. • https://github.com/dievus/CVE-2022-27665 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2023-27944 – Apple Security Advisory 2023-03-27-3
https://notcve.org/view.php?id=CVE-2023-27944
28 Mar 2023 — An app may be able to break out of its sandbox. macOS Ventura 13.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213670 • CWE-346: Origin Validation Error •

CVE-2023-23532 – Apple Security Advisory 2023-03-27-3
https://notcve.org/view.php?id=CVE-2023-23532
28 Mar 2023 — An app may be able to break out of its sandbox. iOS 16.4 and iPadOS 16.4 address buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213670 •