CVE-2022-35978 – Lua sandbox escape from mod in Minetest
https://notcve.org/view.php?id=CVE-2022-35978
Minetest is a free open-source voxel game engine with easy modding and game creation. In **single player**, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua environment the menu runs in is not sandboxed and can directly interfere with the user's system. There are currently no known workarounds. • https://dev.minetest.net/Changelog#5.5.0_.E2.86.92_5.6.0 https://github.com/minetest/minetest/commit/da71e86633d0b27cd02d7aac9fdac625d141ca13 https://github.com/minetest/minetest/security/advisories/GHSA-663q-pcjw-27cc • CWE-693: Protection Mechanism Failure •
CVE-2022-26696 – Apple macOS LaunchServices Sandbox Escape Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-26696
A sandboxed process may be able to circumvent sandbox restrictions. ... This vulnerability allows remote attackers to escape the sandbox on affected installations of Apple macOS. • https://support.apple.com/en-us/HT213257 •
CVE-2022-20302
https://notcve.org/view.php?id=CVE-2022-20302
In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-200746457. • https://source.android.com/security/bulletin/android-13 •
CVE-2021-41556
https://notcve.org/view.php?id=CVE-2021-41556
If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as File System functions has been disabled. ... • http://www.squirrel-lang.org/#download https://blog.sonarsource.com/squirrel-vm-sandbox-escape https://github.com/albertodemichelis/squirrel/commit/23a0620658714b996d20da3d4dd1a0dcf9b0bd98 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV7SJJ44AGAX4ILIVPREIXPJ2GOG3FKV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M3FQILX7UUEERSDPMZP3MKGTMY2E7ESU • CWE-125: Out-of-bounds Read •
CVE-2019-10761 – Sandbox Bypass
https://notcve.org/view.php?id=CVE-2019-10761
This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the "sandboxed" context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code running the script allowing it to spawn a child_process and execute arbitrary code. • https://github.com/ossf-cve-benchmark/CVE-2019-10761 https://github.com/patriksimek/vm2/commit/4b22d704e4794af63a5a2d633385fd20948f6f90 https://github.com/patriksimek/vm2/issues/197 https://snyk.io/vuln/SNYK-JS-VM2-473188 • CWE-674: Uncontrolled Recursion •