Page 20 of 369 results (0.124 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. • https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2441254 https://snyk.io/vuln/SNYK-JS-JAILED-2391490 •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1

Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html https://crbug.com/1311701 https://security.gentoo.org/glsa/202208-25 • CWE-416: Use After Free •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html https://crbug.com/1106456 https://security.gentoo.org/glsa/202208-25 • CWE-863: Incorrect Authorization •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html https://crbug.com/1274077 https://security.gentoo.org/glsa/202208-25 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass all permission checks and execute arbitrary shell code. This vulnerability does not affect users of Deno Deploy. The vulnerability has been patched in Deno 1.20.3. There is no workaround. • https://github.com/denoland/deno/security/advisories/GHSA-838h-jqp6-cf2f • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •