CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42844 – Apple Security Advisory 2022-12-13-1
https://notcve.org/view.php?id=CVE-2022-42844
15 Dec 2022 — An app may be able to break out of its sandbox. ... Es posible que una aplicación pueda salir de su zona de pruebas. iOS 16.2 and iPadOS 16.2 addresses bypass, code execution, out of bounds write, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Dec/20 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-42861 – Apple Security Advisory 2022-12-13-5
https://notcve.org/view.php?id=CVE-2022-42861
15 Dec 2022 — An app may be able to break out of its sandbox. ... Es posible que una aplicación pueda salir de su sandbox. macOS Ventura 13.1 addresses bypass, code execution, out of bounds access, out of bounds write, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2022/Dec/20 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4291 – Aswjsflt.dll in Avast Antivirus windows caused a crash of the Mozilla Firefox browser due to heap corruption
https://notcve.org/view.php?id=CVE-2022-4291
07 Dec 2022 — The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was loaded into, if applicable. ... La librería aswjsflt.dll de las ventanas de Avast Antivirus contenía una vulnerabilidad de corrupción de montón potencialmente explotable que podría permitir a un atacante omitir la sandbox de la aplicación en la que se cargó, si corresponde. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2022-4135 – Google Chromium GPU Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-4135
25 Nov 2022 — Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. ... Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3890 – Debian Security Advisory 5275-1
https://notcve.org/view.php?id=CVE-2022-3890
09 Nov 2022 — Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42811 – Apple Security Advisory 2022-10-24-1
https://notcve.org/view.php?id=CVE-2022-42811
31 Oct 2022 — An access issue was addressed with additional sandbox restrictions. ... Es posible que una aplicación pueda acceder a datos confidenciales del usuario. macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213488 •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32890 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32890
31 Oct 2022 — A sandboxed process may be able to circumvent sandbox restrictions. ... Un proceso de sandbox puede eludir las restricciones del sandbox. macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213488 •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-32892 – Apple Security Advisory 2022-10-24-2
https://notcve.org/view.php?id=CVE-2022-32892
31 Oct 2022 — An access issue was addressed with improvements to the sandbox. ... A sandboxed process may be able to circumvent sandbox restrictions. Se solucionó un problema de acceso con mejoras en el sandbox. ... Un proceso de espacio aislado puede eludir las restricciones del espacio aislado. macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213442 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32904 – Apple Security Advisory 2022-10-27-9
https://notcve.org/view.php?id=CVE-2022-32904
31 Oct 2022 — An access issue was addressed with additional sandbox restrictions. ... Se solucionó un problema de acceso con restricciones adicionales de la sandbox. ... Es posible que una aplicación pueda acceder a datos confidenciales del usuario. macOS Ventura 13 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT213443 •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43401 – jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin
https://notcve.org/view.php?id=CVE-2022-43401
19 Oct 2022 — Una vulnerabilidad de omisión del sandbox que involucra varios moldes llevados a cabo implícitamente por el tiempo de ejecución del lenguaje Groovy en Jenkins Script Security Plugin versiones 1183.v774b_0b_0a_a_451 y anteriores, permite a atacantes con permiso para definir y ejecutar scripts en sandbox, incluyendo Pipelines, omitir la protección del sandbox y ejecutar código arbitrario en el contexto de la JVM del controlador de Jenkins A sandbox bypass vulnerability