NotCVE - SandBox Escape

Page 32 of 442 results (0.067 seconds)

CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-30571

https://notcve.org/view.php?id=CVE-2021-30571

Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. Una aplicación insuficiente de políticas en DevTools en Google Chrome anterior a versión 92.0.4515.107, permitía que un atacante que convencía a un usuario de instalar una extensión maliciosa pudiera potencialmente llevar a cabo un escape de la sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop_20.html https://crbug.com/1101897 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L • CWE-863: Incorrect Authorization •

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1

CVE-2021-30528 – Chrome Sandbox Escape

https://notcve.org/view.php?id=CVE-2021-30528

Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebAuthentication en Google Chrome en Android anterior a versión 91.0.4472.77, permitía a un atacante remoto que ha comprometido el proceso de renderización de un usuario que ha guardado una tarjeta de crédito en su cuenta de Google explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • http://packetstormsecurity.com/files/172844/Chrome-Sandbox-Escape.html https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html https://crbug.com/1206329 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54 https://security.gentoo.org/glsa/202107-06 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-32629 – Memory access due to code generation flaw in Cranelift module

https://notcve.org/view.php?id=CVE-2021-32629

There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in a Wasm program. ... Under these circumstances there is a potential sandbox escape when the i32 value is a pointer. ... Bajo estas circunstancias hay un potencial escape de la caja de arena cuando el valor i32 es un puntero. • https://crates.io/crates/cranelift-codegen https://github.com/bytecodealliance/wasmtime/commit/95559c01aaa7c061088a433040f31e8291fb09d0 https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hpqh-2wqx-7qp5 https://www.fastly.com/security-advisories/memory-access-due-to-code-generation-flaw-in-cranelift-module • CWE-125: Out-of-bounds Read CWE-681: Incorrect Conversion between Numeric Types CWE-788: Access of Memory Location After End of Buffer •

CVSS: 5.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-21264 – Bypass of fix for CVE-2020-26231, Twig sandbox escape

https://notcve.org/view.php?id=CVE-2021-21264

An authenticated backend user with the `cms.manage_pages`, `cms.manage_layouts`, or `cms.manage_partials` permissions who would **normally** not be permitted to provide PHP code to be executed by the CMS due to `cms.enableSafeMode` being enabled is able to write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. ... Un usuario de back-end autenticado con los permisos "cms.manage_pages", "cms.manage_layouts" o "cms.manage_partials" que **normalmente** no podría proporcionar código PHP para ser ejecutado por el CMS debido a "cms.enableSafeMode" que está habilitado es capaz de escribir código Twig específico para escapar del sandbox Twig y ejecutar PHP arbitrario. • https://github.com/octobercms/october/security/advisories/GHSA-fcr8-6q7r-m4wg • CWE-862: Missing Authorization •

CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0

CVE-2021-21226

https://notcve.org/view.php?id=CVE-2021-21226

Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en navigation en Google Chrome versiones anteriores a 90.0.4430.85, permitía a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_20.html https://crbug.com/1197904 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 https:/ • CWE-416: Use After Free •

1...30 31 32 33 34