CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2024-43102 – umtx Kernel panic or Use-After-Free
https://notcve.org/view.php?id=CVE-2024-43102
05 Sep 2024 — A malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape. • https://security.freebsd.org/advisories/FreeBSD-SA-24:14.umtx.asc • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42472 – Flatpak may allow access to files outside sandbox for certain apps
https://notcve.org/view.php?id=CVE-2024-42472
15 Aug 2024 — If the source directory for the `persistent`/`--persist` option is replaced by a symlink, then the next time the application is started, the bind mount will follow the symlink and mount whatever it points to into the sandbox. ... A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling acces... • https://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw87 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2024-7519 – mozilla: Out of bounds memory access in graphics shared memory handling
https://notcve.org/view.php?id=CVE-2024-7519
06 Aug 2024 — This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. ... This could be leveraged by an attacker to perform a sandbox escape. ... This could be leveraged by an attacker to perform a sandbox escape. ... An attacker could potentially exploit this issue to escape the sandbox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1902307 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7012
https://notcve.org/view.php?id=CVE-2023-7012
16 Jul 2024 — Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to install a malicious app to potentially perform a sandbox escape via a malicious file. • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4860
https://notcve.org/view.php?id=CVE-2023-4860
16 Jul 2024 — Inappropriate implementation in Skia in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2023/07/stable-channel-update-for-desktop.html • CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-25154
https://notcve.org/view.php?id=CVE-2019-25154
16 Jul 2024 — Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6779 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6779
16 Jul 2024 — Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •
CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38531 – Nix sandbox escape
https://notcve.org/view.php?id=CVE-2024-38531
28 Jun 2024 — Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assume the permissions of a Nix daemon worker and hijack all future builds. This issue was patched in version(s) 2.23.1, 2.22.2, 2.21.3, 2.20.7, 2.19.5 and 2.18.4. Nix es un administrador de paquetes para Linux y otros ... • https://github.com/NixOS/nix/pull/10501 • CWE-278: Insecure Preserved Inherited Permissions •
CVSS: 10.0EPSS: 54%CPEs: 2EXPL: 3CVE-2024-28397 – Pyload Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-28397
20 Jun 2024 — CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. ... This endpoint was designed to only accept connections from localhost but by manipul... • https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.6EPSS: 0%CPEs: 35EXPL: 0CVE-2024-5700 – Mozilla: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
https://notcve.org/view.php?id=CVE-2024-5700
11 Jun 2024 — If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. ... An attacker could potentially exploit this issue to bypass sandbox restrictions to open a new window. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-786: Access of Memory Location Before Start of Buffer CWE-788: Access of Memory Location After End of Buffer •