NotCVE - SandBox Escape

Page 24 of 609 results (0.116 seconds)

CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-21142 – Debian Security Advisory 4846-1

https://notcve.org/view.php?id=CVE-2021-21142

09 Feb 2021 — Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en Payments en Google Chrome en Mac versiones anteriores a 88.0.4324.146, permitía que un atacante remoto pudiera llevar a cabo un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of whic... • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 9.6EPSS: 1%CPEs: 2EXPL: 0

CVE-2021-21121 – Debian Security Advisory 4846-1

https://notcve.org/view.php?id=CVE-2021-21121

25 Jan 2021 — Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en Omnibox en Google Chrome en Linux versiones anteriores a 88.0.4324.96, permitía a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •

CVSS: 9.6EPSS: 9%CPEs: 2EXPL: 0

CVE-2021-21124 – Debian Security Advisory 4846-1

https://notcve.org/view.php?id=CVE-2021-21124

25 Jan 2021 — Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un potencial uso de la memoria previamente liberada en Speech Recognizer en Google Chrome en Android versiones anteriores a 88.0.4324.96, permitió a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been foun... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •

CVSS: 9.6EPSS: 15%CPEs: 2EXPL: 0

CVE-2021-21132 – Debian Security Advisory 4846-1

https://notcve.org/view.php?id=CVE-2021-21132

25 Jan 2021 — Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. Una implementación inapropiada en DevTools en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una Extension de Chrome diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst ... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-21138 – Debian Security Advisory 4846-1

https://notcve.org/view.php?id=CVE-2021-21138

25 Jan 2021 — Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file. Un uso de la memoria previamente liberada en DevTools en Google Chrome versiones anteriores a 88.0.4324.96, permitía a un atacante local llevar a cabo potencialmente un escape del sandbox por medio de un archivo diseñado Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the a... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •

CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-16045

https://notcve.org/view.php?id=CVE-2020-16045

14 Jan 2021 — Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un Uso de la Memoria Previamente Liberada en Payments en Google Chrome en Android versiones anteriores de 87.0.4280.66 permitía a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página ... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-21261 – Flatpak sandbox escape via spawn portal

https://notcve.org/view.php?id=CVE-2021-21261

14 Jan 2021 — A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.10.0. ... Flatpak es un sistema para crear, distribuir y ejecutar aplicaciones de escritorio en sandbox en Linux. Se detectó un fallo en el servicio "flatpak-portal" que puede permitir que las aplicaciones en sandbox ... • https://github.com/flatpak/flatpak/commit/6d1773d2a54dde9b099043f07a2094a4f1c2f486 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.6EPSS: 1%CPEs: 4EXPL: 0

CVE-2021-21115 – Gentoo Linux Security Advisory 202101-05

https://notcve.org/view.php?id=CVE-2021-21115

08 Jan 2021 — User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en safe browsing en Google Chrome versiones anteriores a 87.0.4280.141, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML dise... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0

CVE-2021-21107 – Gentoo Linux Security Advisory 202101-05

https://notcve.org/view.php?id=CVE-2021-21107

08 Jan 2021 — Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en drag and drop en Google Chrome en Linux versiones anteriores a 87.0.4280.141, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 9.6EPSS: 1%CPEs: 4EXPL: 0

CVE-2021-21108 – Gentoo Linux Security Advisory 202101-05

https://notcve.org/view.php?id=CVE-2021-21108

08 Jan 2021 — Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en media en Google Chrome versiones anteriores a 87.0.4280.141, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vul... • https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

1...22 23 24 25 26