
CVE-2022-26706 – Apple Security Advisory 2022-05-16-1
https://notcve.org/view.php?id=CVE-2022-26706
17 May 2022 — An access issue was addressed with additional sandbox restrictions on third-party applications. ... A sandboxed process may be able to circumvent sandbox restrictions. macOS Monterey 12.4 addresses buffer overflow, bypass, code execution, denial of service, integer overflow, out of boun... • https://support.apple.com/en-us/HT213253 •

CVE-2022-29586 – Konica Minolta bizhub MFP Printer Terminal Sandbox Escape
https://notcve.org/view.php?id=CVE-2022-29586
13 May 2022 — Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode. Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape.

CVE-2022-29587 – Konica Minolta bizhub MFP Printer Terminal Sandbox Escape
https://notcve.org/view.php?id=CVE-2022-29587
13 May 2022 — Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that runs with root (also known as superuser) access privileges. Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities. • https://sec-consult.com/vulnerability-lab/advisory/sandbox-escape-with-root-access-clear-text-passwords-in-konica-minolta-bizhub-mfp-printer-terminals • CWE-269: Improper Privilege Management •

CVE-2022-29588 – Konica Minolta bizhub MFP Printer Terminal Sandbox Escape
https://notcve.org/view.php?id=CVE-2022-29588
13 May 2022 — Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files. Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities. • http://packetstormsecurity.com/files/167166/Konica-Minolta-bizhub-MFP-Printer-Terminal-Sandbox-Escape.html • CWE-522: Insufficiently Protected Credentials •

CVE-2022-29911 – Mozilla: iframe Sandbox bypass
https://notcve.org/view.php?id=CVE-2022-29911
04 May 2022 — An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present. ... The Mozilla Foundation Security Advisory describes the issue of Firefox not pr... • https://bugzilla.mozilla.org/show_bug.cgi?id=1761981 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVE-2022-23923 – Sandbox Bypass
https://notcve.org/view.php?id=CVE-2022-23923
01 May 2022 — All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. • https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2441254 •

CVE-2022-1309 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1309
28 Apr 2022 — Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Multiple vulnerabilities have been found in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-863: Incorrect Authorization •

CVE-2022-1312 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1312
28 Apr 2022 — Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. ... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •

CVE-2021-38834
https://notcve.org/view.php?id=CVE-2021-38834
05 Apr 2022 — easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js code. • https://www.exploit-db.com/exploits/50194 •

CVE-2021-46433
https://notcve.org/view.php?id=CVE-2021-46433
28 Mar 2022 — In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode() to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is true. • https://github.com/fenom-template/fenom/issues/331 •