CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23259 – Groovy Sandbox Bypass
https://notcve.org/view.php?id=CVE-2021-23259
Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE). Los usuarios autenticados con roles de Administrador o Desarrollador pueden ejecutar comandos del sistema operativo mediante el Script Groovy que usa Groovy lib para renderizar una página web. El script groovy no presenta restricciones de seguridad, lo que causará que atacantes ejecuten comandos arbitrarios de forma remota (RCE) • https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102 • CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38002
https://notcve.org/view.php?id=CVE-2021-38002
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en Web Transport en Google Chrome versiones anteriores a 95.0.4638.69, permitía a un atacante remoto llevar a cabo un escape de sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html https://crbug.com/1260940 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744 https://www.debian.org/security/2022/dsa-5046 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-34994 – Commvault CommCell DataProvider JavaScript Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2021-34994
An attacker can leverage this vulnerability to escape the JavaScript sandbox and execute Java code in the context of NETWORK SERVICE. ... Un atacante puede aprovechar esta vulnerabilidad para escapar del sandbox de JavaScript y ejecutar código Java en el contexto de NETWORK SERVICE. ... An attacker can leverage this vulnerability to escape the JavaScript sandbox and execute Java code in the context of NETWORK SERVICE. • https://www.zerodayinitiative.com/advisories/ZDI-21-1329 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1CVE-2020-6492
https://notcve.org/view.php?id=CVE-2020-6492
Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 83.0.4103.97, permitía a un atacante remoto llevar a cabo potencialmente un escape de sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html https://crbug.com/1078375 • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2021-37981
https://notcve.org/view.php?id=CVE-2021-37981
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento del búfer de la pila en Skia en Google Chrome versiones anteriores a 95.0.4638.54, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html https://crbug.com/1246631 https://www.debian.org/security/2022/dsa-5046 • CWE-787: Out-of-bounds Write •