CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44256 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44256
28 Oct 2024 — An app may be able to break out of its sandbox. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44216 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44216
28 Oct 2024 — An access issue was addressed with additional sandbox restrictions. ... An app may be able to access user-sensitive data. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44270 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44270
28 Oct 2024 — A sandboxed process may be able to circumvent sandbox restrictions. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44122 – Apple Security Advisory 10-28-2024-5
https://notcve.org/view.php?id=CVE-2024-44122
28 Oct 2024 — An application may be able to break out of its sandbox. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-693: Protection Mechanism Failure •
CVSS: 9.8EPSS: 76%CPEs: -EXPL: 2CVE-2024-39205 – Pyload Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-39205
28 Oct 2024 — CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. ... This endpoint was designed to only accept connections from localhost but by manipul... • https://packetstorm.news/files/id/182692 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7024
https://notcve.org/view.php?id=CVE-2024-7024
23 Sep 2024 — Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://issues.chromium.org/issues/334120897 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44132 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-44132
16 Sep 2024 — An app may be able to break out of its sandbox. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44186 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-44186
16 Sep 2024 — An access issue was addressed with additional sandbox restrictions. ... An app may be able to access protected user data. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44148 – Apple Security Advisory 09-16-2024-2
https://notcve.org/view.php?id=CVE-2024-44148
16 Sep 2024 — An app may be able to break out of its sandbox. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44135 – Apple Security Advisory 09-16-2024-9
https://notcve.org/view.php?id=CVE-2024-44135
16 Sep 2024 — An app may be able to access protected files within an App Sandbox container. macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities. • https://support.apple.com/en-us/121238 • CWE-276: Incorrect Default Permissions •