
CVSS: 9.6 | EPSS: 0% | CPEs: 5 | EXPL: 1

23 Dec 2021 — Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write

CVSS: 7.8 | EPSS: 0% | CPEs: 35 | EXPL: 0

15 Dec 2021 — Windows Print Spooler Elevation of Privilege Vulnerability. This vulnerability allows local attackers to escape the low integrity sandbox on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41333

CVSS: 7.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

02 Dec 2021 — Authenticated users with Administrator or Developer roles may execute OS commands via a Groovy script that uses the Groovy lib to render a webpage. The Groovy script does not have security restrictions, which allows attackers to execute arbitrary commands remotely (RCE). • https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102 • CWE-913: Improper Control of Dynamically-Managed Code Resources

CVSS: 9.6 | EPSS: 1% | CPEs: 4 | EXPL: 0

23 Nov 2021 — Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, ... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

22 Nov 2021 — An attacker can leverage this vulnerability to escape the JavaScript sandbox and execute Java code in the context of NETWORK SERVICE. • https://www.zerodayinitiative.com/advisories/ZDI-21-1329 • CWE-20: Improper Input Validation • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 | EPSS: 0% | CPEs: 2 | EXPL: 0

21 Nov 2021 — Consequently, the guest is able to write to leaf page table entries. Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT • CWE-269: Improper Privilege Management

CVSS: 9.6 | EPSS: 0% | CPEs: 1 | EXPL: 1

02 Nov 2021 — Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html • CWE-416: Use After Free

CVSS: 9.6 | EPSS: 2% | CPEs: 3 | EXPL: 0

02 Nov 2021 — Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Multiple se... • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html • CWE-787: Out-of-bounds Write

CVSS: 7.8 | EPSS: 0% | CPEs: 11 | EXPL: 1

25 Oct 2021 — This vulnerability is hard to exploit as the attack needs to escape the FPM sandbox mechanism. • http://www.openwall.com/lists/oss-security/2021/10/26/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-284: Improper Access Control • CWE-787: Out-of-bounds Write

CVSS: 5.3 | EPSS: 0% | CPEs: 7 | EXPL: 1

20 Oct 2021 — BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. • http://www.openwall.com/lists/oss-security/2021/10/26/9